Data Privacy Day is coming up on Saturday, Jan. 28. Led by the National Cyber Security Alliance (NCSA), this event is a key part of a yearly global campaign focused on safety, security, and privacy. The theme for this year is “Take Control of Your Data.” It represents a worldwide endeavor to raise awareness about the significance of privacy respect, the protection of personal information, and the cultivation of trust.
Executives from several weigh in on the incredibly important topic this day represents:
Niels van Ingen, chief customer officer for Keepit
“No one likes surprises, particularly IT executives who believe their SaaS cloud providers have taken all the necessary steps to back up customers’ critical enterprise data. This is never truer when a disaster strikes, whether from an internal mistake or an attack from the outside, leaving business operations at a complete standstill.
“The unfortunate truth is that most SaaS providers don’t offer the necessary level of data backup and recovery that enterprises require to get back up and running.
“And guess what? If you read the cloud agreement, you’ll discover SaaS vendors aren’t responsible for data backup. The onus is on you.
“It’s easy for individuals and businesses using popular cloud-based services to believe their data is “backed up in the cloud” and easily retrievable in the event of an attack or accidental deletion. However, they quickly learn – often too late – that backup services from SaaS vendors are usually very limited, disorganized, or prohibitively expensive to access. Organizations also get surprised when learning that many SaaS providers offer a limited data retention period, where after such time, the data is permanently deleted.
“That’s why the only true backup – and the last line of defense in SaaS data protection – is having granular, reliable, and fast backup and recovery capabilities, with the data stored separate from the SaaS vendor’s environment.”
Kris Lahiri, co-founder and CSO of Egnyte
“As we head into 2024, organizations and individuals are beginning to navigate an increasingly complex data privacy landscape, with companies storing more personally identifiable information (PII) while adhering to modern data privacy regulations enacted nationwide and globally, with 71% of countries today having some legislation currently in place.
“More customers are considering how companies will use and store their data before agreeing to do business with them, especially with the recent advancements companies are making with AI, so on Data Privacy Day, it is vital to review your data privacy policies and how to serve your customer base best.
“As AI technology becomes more commonplace, users will try to leverage these tools with their company data, much like during the ‘shadow IT’ era. While heavily regulated companies may create explicit blocks on these tools, a more prudent approach is to review how these technologies protect the data privacy of the data that they use. Consider adding a company-wide AI policy to complement your data privacy policy.
“In the U.S., 12 state consumer privacy laws are active today, with more plans to be enacted by the end of the year. This momentum around privacy regulations is going strong, so take the time to review new data privacy regulations and how they apply to your business. Don’t wait for a formal compliance request to get your privacy practices in order – stay one step ahead.
“Stay proactive by updating your data privacy policies and mapping your company data. Understand where your structured and unstructured data lives, how it is used, and who has access to it. By having a complete picture of the data that your organization stores, you can also see the potential risks that may arise so that you can bolster your cybersecurity defenses.”
Carl D’Halluin, CTO, Datadobi (https://datadobi.com/)
“On January 28, we celebrate Data Privacy Day. Initiated in the United States and Canada in 2008 by the National Cyber Security Alliance, its aim is to raise awareness and promote privacy and data protection best practices.
“I would say the number one data privacy best practice is pretty simple: make sure you can get the right data to the right place at the right time. Wherever the data is in its lifecycle, it should be protected and only accessible as needed. Of course, this tends to be easier said than done. But, there is perhaps nothing more critical and imperative than implementing the right strategies and technologies to do so. After all, while data is an organization’s most valuable asset (in addition to its people), it also represents its greatest potential risk.
“Balancing these two aspects is key. In other words, effective data management enables you to optimize your business intelligence, make faster and smarter decisions, and gain a competitive edge, as well as better meet business requirements such as internal governance and legal mandates, external regulations, and financial obligations and goals.”
Don Boxley, CEO and co-founder, DH2i (www.dh2i.com)
“Data privacy isn’t just important for businesses – it is a matter of corporate survival. A company can make just one small mistake, neglect one small security check-box, and the consequences can be catastrophic. One small mistake could lead to a data breach that causes legal and regulatory fines, as well as irreparable damage to the company’s reputation – a nightmare from which recovery is near-impossible.
“A software-defined perimeter (SDP) solution could be the answer! Many SDP solutions are engineered to provide secure network connectivity across on-prem, cloud, and hybrid environments. SDP enables its users to transform their traditional network-based perimeter security with a more sophisticated one that creates micro-perimeters around data. SDP enables secure connections between data centers and across private and public cloud platforms without needing a VPN or direct connect, thereby significantly reducing security vulnerabilities even further. In addition, for those focused on data protection and privacy, SDP enables the ability to create secure tunnels for specific applications, as opposed to entire network access. Ideally, such a solution would be streamlined and straightforward to manage, equipped with an intuitive interface that eases the configuration, and ongoing management of secure connections. This combination – increased security, ease-of-use, and adaptability – makes SDP the ideal choice for protecting data and ensuring data privacy.”
Steve Santamaria, CEO, Folio Photonics (https://foliophotonics.com/)
“On Data Privacy Day, we are reminded of the business-critical importance of safeguarding sensitive information – both professional and personal – at a time when data breaches and cyber threats have become all too common. For data protection professionals, this should not be viewed as a gentle nudge but rather a polite – yet strong shove toward reviewing and fortifying the technology and policies that serve as the underpinnings of your data protection strategy.
“How can anyone not admire those responsible for their organization’s data protection? As we in the business know – it’s no walk in the park! The good news is of course, that smarter and more powerful technology solutions continuously enter the marketplace, ready to take their place in the data protection professional’s arsenal. Active archives built on an optical storage foundation can offer an ideal data protection solution for several compelling reasons. Firstly, they provide a high level of security as data stored on optical discs is read-only, rendering it resistant to cyber threats like ransomware. Optical storage is also highly durable – able to withstand physical damage from factors like magnetic fields, moisture, and temperature fluctuations, ensuring the safety of critical data. What’s more, optical storage media boasts a long lifespan, making it ideal for data archival and compliance requirements while also being cost-effective in the long term. And last but certainly not least, it can be easily air-gapped – adding a virtually impenetrable defense against a cyber-attack.
“Retrieving data from optical storage is quick and reliable due to fast read speeds, making archived data readily accessible. And if that isn’t enough – it is environmentally friendly, consuming less energy and having a lower carbon footprint compared to alternative storage options.”