Tuesday, November 4, 2008

Plugged in: Getting physical with computer security

Last week, I discussed some obvious computer security oversights that might compromise you and your business. (Well, maybe not sufficiently obvious, because they happen with regularity.) Before turning to another topic, a broader overview of computer security seems in order.

Protecting your computer data is as basic as locking your house or car and buying basic insurance to protect you in case of loss. Extending this analogy, computer security has two components. An electronic “lock” protects you against those who might invade your privacy and misappropriate or vandalize your data. Physical security, including data backup, protects you against physical loss such as fire or theft. These components require different actions by you. I’ll address physical loss this week because, in some ways, it is more straightforward.

Casualty losses such as fire or flood damage and thefts of computers and related equipment like printers are fairly common. Your best bet under these circumstances is to ensure that you have adequate physical security for your premises and that you maintain enough insurance that includes replacement coverage for office equipment. In that regard, it’s no different than protecting any other sort of valuables with one exception: you’ve also lost a great deal of crucial information unless you back up your data every day. I have had clients who failed to ensure that their business data was regularly backed up and who went out of business after their premises and business equipment were destroyed by fire. In fact, losing the bulk of your business data is one of the surest paths to business problems.

Electrical damage from sudden power loss or high voltage surges can be obvious, such as smoke rising from your system. More common, though, is subtle damage such as scrambled accounting programs and other databases. These sorts of programs are among the most common used by businesses and among the easiest to scramble due to uncontrolled shutdown in the event of a power loss or rogue voltage spikes in the event of a power surge. Most insurance policies will not cover hardware failure or data loss arising from either voltage surges or power failures. You’re on your own in these circumstances. Luckily, it’s pretty easy and inexpensive to cover yourself.

Another threat to your data is hardware failure, whether a hard disk that makes a sudden harsh grinding and then stops working or a gradual failure of a hard disk controller on your main system board that slowly scrambles your data until it becomes unusable.

However, as much as 80 percent of all data loss happens because of operator error, whether your own or an employee’s, not because of fire, theft or hardware failure. That’s a grim statistic.
Once we understand why data is lost, it’s fairly easy to reduce the likelihood and consequences of loss. The most obvious step is ensuring that you back up your data every day and take the data backups physically off the premises, storing the data backups at home or some other secure premises where the same fire, theft or other casualty won’t result in loss of your backup data.
Next week, I’ll outline some easy, concrete steps that you can take to avoid losing critical computer data.

Local attorney Joseph Kashi received his bachelor’s and master’s degrees from MIT and has been writing and lecturing about technology throughout the U.S. since 1990 for American Bar Association, Alaska Bar Association and private publications. He also owned a computer store in Soldotna between 1990 and 2000.

No comments: