Who really has my business critical data and how safe is it?

Who really has my business critical data and how safe is it?

Business critical data is any information that is vital to the operation of your business. This is the data that you want to make sure is well protected, as if it gets compromised, the business becomes exposed to risk that could lead to some pretty serious situations that no business owner wants to be faced with; financial losses, bankruptcy, legal issues and possibly even closure.

Internet security is a real issue these days, with hackers becoming wiser and wiser to new strategies to get their hands on your data; think data breaches, theft and vulnerability to viruses. It’s particularly worrying for many businesses today who rely on storing their data digitally in the cloud or on a server, or for those who rely on a third party other than their software provider. It’s important to review your data security, and who has access to it.

Assess your data

Start by deciding what data within your business needs to be protected and where this data is located. Think about anything that would lose you sales or customers if it failed, or anything that would impact your customer service processes, damage to your business’s reputation, resources required to perform priority tasks and important reference materials or operating procedures. Generally speaking, any critical business process will equate to critical business data.

Also, if something should happen to your software provider, how easy will it be to retrieve your business critical data? Many SaaS application’s data is stored alongside other End Users data and sometimes on a number of different servers. End Users may consider requesting a regular data download to a server under their control and in a format that is transferable to alternative applications.

It can be expensive to protect every single piece of data within your business, which is why it is important to make an assessment and prioritise what is truly critical. This is usually around 20% of your total business data. Ask key people within your business what data they need to stay afloat and what they could temporarily function without. You may feel like you are managing exceptional circumstances, but it’s something you may wish to consider if you don’t want your business to be a casualty of another business out of your control.

Who can access

Next, ask yourself who has access to your business critical data. Is it your employees? If so, it’s important to ensure that they know how to handle this data and how to keep it safe. Everyone who manages, administers or operates IT infrastructure needs to become security conscious, so make this a focus within your business culture. Could you offer training to your team on the risks and threats of potential data loss? This is a good way to enforce and remind individuals of their role in business security so that it becomes second nature to them.

Ask yourself who has access to your business critical data. Suppliers? External agencies? Your hosting or software provider? Any other third party companies? If something were to happen to these businesses, what would happen to your business critical data? You may not have considered the contractual obligations of third parties.

For example, many of us quite rightly would not expect Amazon AWS or Microsoft Azure to go out of business anytime soon. However, if they are hosting your application and data and the contract with them is through your software provider, they are not obligated, structured or likely to be inclined to deal with you if your software provider goes out of business for whatever reason. Similarly, as an End User, you may have no experience of managing the Azure platform for instance in order to maintain access to your software.

Disaster-proof your data

Using digital and cloud-based solutions boasts so many advantages, but will always come with its risks. You’re relying on their security and a consistent connection with providers and external threats could interrupt or break that connection. What happens if your software provider goes out of business? Your software and data will still exist but you may not have a contractual right to access it. You’ll want to make sure you have some extra protection in place.

Make SaaS escrow part of your disaster plan. It protects your critical cloud-based and off-premise software and data in the event of your software or hosting provider going out of business. Instead of being left with a blank screen and inaccessible data, your cloud-based software and data will be accessible for at least three months of business continuity. If you’d like to know more, give us a call today on 0800 456 1115.

Ask a question