By Ben Puzzuoli, Director Sales & Marketing at DataDepositBox
October 19, 2015 (CV-10/2010)

Data Deposit Box Online Backup Expert Tips: Challenges with Compliance

Compliance is a challenge to every organization, regardless of its size. The goal of regulatory compliance is to provide guidance and accountability so companies have strong, auditable security regardless of where data resides. If implemented correctly by companies, it should help them manage risk, protect sensitive data and ensure technology investments improve daily operations as intended, while keeping sensitive data compliant. However, the reality is that the compliance needs of the multiple laws and acts (e.g. HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley, etc.) seem competitive, contradictory and practically impossible to implement. So, the threats of fines and penalties for non-compliance can assume nightmarish proportions. Therein begins the problem of compliance.

Most organizations are reactive rather than proactive about compliance. Every new regulation has them scrambling to update policies and to put in place processes for the enforcement of these new policies. Considering the number of new laws that are being written every year, this can be a losing proposition leading to confusion, frustration and non-compliance. As such, it is not surprising that many organizations lose heart and declare that keeping up with customer data compliance is difficult if not impossible. They bemoan the fact that every act and law demands a different methodology of handling data.

Many organizations still resort to manual handling of their data (tape backups, external drives) to meet the different compliance standards. They begin to treat compliance as a checklist that must be checked off for the satisfaction of the audit teams. They consequently put in place processes to comply with one specific requirement and then have to set up additional processes to meet the requirements of others. This makes for a lot of band-aid processes that create a tracking nightmare that only gets worse with time.

The root of the problem seems to be in the way organizations handle their online or offline data storage and security, with daily processes that do not comply with today’s, let alone tomorrow’s, needs. In many organizations, operations and data security teams are logically separated as they handle different aspects of data impacting work. For example, the security teams do not have access to the work areas monitored by the operations teams. This often results in an imperfect network monitoring system and under-optimized network infrastructure, which becomes vulnerable. Security teams end up poring over logs when an audit is imminent, and any changes in the configuration files between audits go unnoticed by the security teams. Therefore, if an audit points out that something has changed, the security team can be at a complete loss to identify what has changed and why.

One trend you are beginning to see in the marketplace is fines for companies that mistakenly lose data and are not in compliance as a result. Just search for data loss, data breach, or other similar keywords, and you will find a myriad of fines imposed on companies.

Businesses need to look for technology solutions that allow them to automate their processes, improve security, easily track policy adjustments and provide reports for auditing purposes. They should attempt to create an efficient, enterprise-wide business process that blends security and strategy into operations, while automating compliance with all laws and standards. In addition, they must learn to appreciate the fact that compliance is a continuous process and not a point-in-time exercise. The good news is that there are cloud solutions available in the marketplace that provide the tools and automation to make this struggle with compliance a lot easier for today’s and tomorrow’s business needs. The risk and liability for organizations are growing daily along with their data. Your business cannot afford to remain manual and expect to keep up with the growing, complex regulatory environment in the days, weeks and years to come.

About the Author: Ben Puzzuoli is Director of Sales & Marketing at DataDepositBox, a Toronto-based cloud data backup service provider, which is listed on both the Toronto and Frankfurt Stock Exchanges. DataDepositBox technologies and solutions are currently used daily by over 200,000 customers, 1,000 resellers, 25 MSPs and private label partners for online backup and recovery, archiving, disaster readiness, secure file sharing and remote access. Visit the DDB website here: www.DataDepositBox.com

 

 
