Data Protection and why it is important (8th September 2022)

Ref# T2022_16 | Date: Sep 8th 2022

What is Data Protection?  

Data protection is the act of preventing crucial data from being corrupted, compromised, or lost. It gives the capacity to restore the data to a usable state if rendered unavailable or inaccessible.

Data protection ensures that information is not tampered with, is only accessible for permitted uses, and complies with any applicable legal or regulatory requirements. Data that has been protected must be accessible when needed and usable for the intended function.

However, the definition of data protection encompasses more than just the idea of data accessibility and usability; it also includes concepts like data immutability, preservation, and deletion/destruction.

Data protection spans three broad categories, namely, traditional data protection (such as backup and restore copies), data security, and data privacy. The methods and tools employed to safeguard data can be viewed as business procedures and data protection mechanisms that help to achieve the overall objective of maintaining the immutability and continuous availability of crucial business data.

Principles of Data Protection  

The preservation and accessibility of data are the guiding principles of data protection. Both the operational backup of data and business continuity/disaster recovery are referred to as data protection. Data protection strategies are evolving along two lines: data availability and data management.

Data availability ensures users have the data they need to conduct business even if the data is damaged or lost.

Data lifecycle management and information lifecycle management are the two main facets of data management utilized in data protection. The process of automating the transfer of crucial data to online and offline storage is known as data lifecycle management. Information lifecycle management is a thorough approach for classifying, valuing, and safeguarding information assets from user and application failures, malware and virus attacks, equipment failure, and facility outages and interruptions.

Purpose of Data Protection   

By using disk, tape or cloud backup to securely store copies of the data that may be used in the case of data loss or interruption, storage technologies can be used to protect data. In addition to traditional backup, additional software technologies (such as cloning, mirroring, replication, snapshots, modified block tracking, etc.) are adding another layer of data protection. Due to technological improvements, it is now standard practice to offer continuous data protection, which backs up the data anytime a change is made to enable almost immediate recovery.

Tape-based backup is a strong option for data protection against cyber-attacks. Although access to tapes can be slow, they are portable and inherently offline when not loaded in a drive, and thus safe from threats over a network.

As organizations frequently shift their backup data to public clouds or clouds managed by outside service providers, cloud backup is also growing in popularity. These backups can be used as a disaster recovery facility in place of on-site disk and tape libraries, or they can be used as supplementary protected copies of data.

Differences between data protection, data security and data privacy

The terms data protection, data security and data privacy have different purposes:

  • Data protection safeguards information from loss through backup and recovery.
  • Data security refers specifically to measures taken to protect the integrity of the data itself against manipulation and malware. It provides defense from internal and external threats.
  • Data privacy refers to controlling access to the data. Organizations must determine who has access to data. Understandably, a privacy breach can lead to data security issues.

 The Guyana National CIRT recommends that users and administrators review these recommendations and implement them where necessary.  

PDF Download: Data_protection_and_why_it_is_important.pdf