Gates, guards & GDPR.
In the quest for cyber security, do not forget the physical. Latest blog by Rickard Hilmersson.
Individuals, organisations and governments all rely on storing and accessing data, instantly and around the clock. The increasing dependency on data, coupled with stricter regulation of the area, result in a strong need for data control and protection. Today, when executives discuss security, the focus is often on cyber security, the digital protection. But the concern should actually be on data security, where cyber security is complemented by physical security for the data.
Don’t lose sight of physical security
Physical security protects your digital assets from both natural disasters (fires and floods for example) and malicious attacks (terrorism, vandalism and thefts). The loss of data from a natural disaster could result in a temporary inability to operate and worst case in permanent loss of data – affecting not only your own organisation but also customers and partners. In addition, a malicious attack can result in misuse of sensitive information. These are risks that every responsible organisation needs to consider and manage. Not all organisations have the same need, the decision on security level should rely on a thorough risk analysis.
When evaluating where your data is – or should be – stored, it is important to consider the physical security of the data center. It can, for example, mean perimeter fencing with man and car traps to prevent tailgating, as well as camera and sensor surveillance to detect intrusion attempts already at the perimeter. This should be complemented with strict access control, including key card access combined with code and manual or biometric verification, to ensure your data control is relevant and enables traceability. Implementing this type of protection can be difficult and expensive for organisations with on-premise data centers, and also cause inconvenience if your data center is located in your office building.
By migrating sensitive data to a carefully selected colocation provider, with high focus on physical security and access routines, you can increase the protection of that data without the investment and the inconvenience. With a colocation service, the running cost of impeccable security is also shared by all customers.
Do you know where your data is?
After decades of unconcerned data collection, the regulatory tide is finally turning. This means that organisations today are subject to many regulations governing the protection and control of confidential information, financial accountability, data retention and disaster recovery, among others. To ensure they meet internal and external requirements, many implement a formal IT governance program that provides a framework of best practices and controls to address regulatory compliance.
This regulatory backdrop is important to manage when executing a cloud strategy. 60% of Nordic decision makers cannot say for sure even in which country their data resides – and if you don’t know where your data is, how can you claim control over it? The importance of location is gaining acceptance, and 91% of Nordic organisations have already moved or plan to move their data to another physical location as part of GDPR (read more in our whitepaper – The Perfect Storm).
Certain kinds of data and certain organisations require higher control. With DigiPlex colocation we can ensure that only persons authorised by you can access your dedicated colocation space. This is the type of security you generally don’t get when choosing only cloud services.
Colocation gives you more control
With increasing data dependency, security threats, data dispersion and regulatory demands, the need for data control and protection increases. Carefully selected colocation is a perfect complement to cloud for data that needs to be more tightly controlled than in a public cloud environment – independent of if you choose a private cloud solution or “just” migrate the servers to a dedicated colocation space within your geographical boundaries. You’ll know where your data is, and at the same time get the benefits of high security, cost sharing, dedicated operations and higher energy efficiency. If as a result of the move, you can close down your inhouse data center, you’ll eliminate future investment costs too.
When GDPR breaches could result in fines of up to 4% of global revenue – not to mention the negative publicity and loss of trust – physical security and data control should be strong arguments for considering colocation to host one of the most valuable assets in your organisation – the data.
Download our whitepaper – The Perfect Storm and discover more fascinating insights.
Article by Rickard Hilmersson – Head of Nordic Sales.
Read the other blogs in this series here.