Seven Best Practices for Managing Data Storage (continued)
Limit access to need-to-know data In general, companies make data available to a lot more people than actually need it. "'Deny all' should be the default, and organizations should only give access to those people who really need it," says Domich. "And you have to audit those access rights on a regular basis."
Safely destroy, as well as protect, critical data operations "Completely erasing data is just as important as other aspects of data security," says Greg Schulz, founder of the StorageIO Group, a storage analyst firm based in Stillwater, Minn. "This means not simply discarding old magnetic tape, disk drives, laptops and desktop systems, but destroying the data residing on them."
Discriminate between backup and archiving "The growth of data -- whether in e-mails, IMs, database records, or transactions -- is pretty alarming," says Mike Kahn managing director of The Clipper Group, in Wellesley, Mass. "You need to know, legally, what you need to keep and what needs simply to be archived versus what is needed for backup and recovery purposes." Adds Lauren Whitehouse, an analyst with the Enterprise Strategy Group, an enterprise consulting firm based in Milford, Mass.: "Given increasing emphasize on compliance and privacy, companies need to be very vigilant to make sure that data is secured as well as readily available when required."
In the end, companies need to have an "information perspective" on all aspects of their data storage, says Joe Martins, a partner at the Data Mobility Group LLC, a Nassau, N.H.-based storage analyst group. "They need to think of storage less as bits and bytes and put it in a business context. This is what makes effective storage management capabilities so important."
About the Author
Alice LaPlante is an award-winning writer and editor who has covered business for more than 20 years.
<< Previous Page
Next Feature The Pros and Cons of Server Consolidation >>
