One of the biggest threats to data security and the reliability of a company’s dad backup is employee misuse. Even with the perfect NAS storage system, the right security software implemented to shield the disk to disk backup hardware, and highly knowledgeable staff, without rules and policies in place to direct their use, employees can cause serious damage. Losing sensitive customer data is already bad enough when it happens because of a deliberate security breach that undermines a company’s brand and is expensive to fix. It’s even worse when the integrity of data is compromised due to employee mistakes that could have been prevented with proper data governance policies.However important it is, designing firm, clear data policies can be difficult, especially for a young company that has just begun to expand enough to need explicit data management and use rules. The process should begin with identifying the specific goals and purposes for the polices. This will help direct you as you define roles and permissions for each level of data access, articulate guidelines for the purposes and permitted uses of data, and set limits for when and how types of data can be manipulated or copied to be carried home or away from the internal server.The most common goals are to maintain control of the data, protect it from damage, prevent sensitive information from being leaked, and facilitate appropriate access to the data through the NAS storage system. Later, when it comes time to present the entire plan to the team, it can be useful to emphasize this last goal to diminish their resentment of extra bureaucracy and restrictions. Once you know roughly what you need to do to reach these goals, such as create tiered access levels and corresponding segmented data and implementing a file version backup strategy for the most sensitive files, you can figure out how to describe policies to make that happen.Security policies are the most familiar to many people and are a good example to explain the way the process should continue. Basic things like required password resets and security tests for new users on a workstation are common and frustrating in everyday life. Managing them and ensuing cooperation requires not just IT professionals who take ownership of the process of maintaining data policies, but also employees who help others keep up with the requirements and ensure they are both effectively designed and being effectively implemented. Obviously a smaller company can combine many of these responsibilities in one person. But making sure there is a person or team to oversee the continuance of data governance is as important as designing the policies.Data governance and clear data management policies are essential for any business, even if it uses only the most basic NAS storage system. The more importance the integrity and quality of the data is for the business’s day-to-day activities, the more directly effective data use policies will impact the bottom line.
Saul Cestern is a writer for various blogs and advice columns. To find out more about San Storage and other data options you can visit www.nexsan.com