Posts Tagged ‘data compliance’

UK online backup providers target Irish market.

Monday, December 22nd, 2008

Savvy UK online backup providers are set to take advantage of the near parity between Sterling and the Euro. We have first hand experience of this with a client and a potential client.

A client of ours received a legitimate marketing email as a consequence of a list he had signed up to. The email was from a partner of the media company our client had signed with for industry partner updates. The email in question was from a well established UK online backup provider and offered our client online backup at competitive UK rates which, as a consequence of the current status of sterling, equated to exceptionally competitive Euro pricing. The email actually referred directly to the savings which can be made by Euro zone clients, which would indicate at the very least that the UK online backup provider expected some Euro zone clients to receive the email, or possibly that it was targeted at the Euro zone market. Our client contacted us to compare what is on offer.

We explained the benefits of backing up within Ireland and that value as a consequence of currency values is not permanent and could change either way in the future. We pointed out the specific merits of our system while explaining that we did not know which system the UK competitor used. Our client thankfully decided that while there were savings (and in fairness they were not moderate), he had a quality, functional system which was already set up, and decided to stay with us.

A representative of another Irish company with whom we are currently running a trial has indicated that he may take a trial with a UK competitor. This is the first time we have knowingly been pitched against a UK online backup supplier when competing for indigenous Irish business.

Does this spell disaster for Irish online backup providers?
The existence of competing providers who, as a consequence of currency, have competitive price advantages is a difficult one. Online backup, however, is an unusual service. First off, clients in the main see compliance and availability advantages in having their data in their own country. Secondly, online backup, as a mission critical service which needs to be managed and supported correctly, is not as price sensitive as off the shelf products. I read on a Twitter tweet (not sure if that is the correct way to put it) recently about people gaining in excess of 35% savings on electronic goods. I think therefore that while the current pricing advantages of UK online backup providers warrant recognition, so too do the benefits of backing up at home. I think the savings will only be tempting in the largest online backup archive situations and, ironically, in those situations the benefits of backing up at home (physical availability access levels to large data quantities are important due to transfer limitations) are most obvious.

In summary
Sterling area online backup is very cheap for Euro buyers at present. This however is susceptible to change. Keeping data outside the state could give rise to compliance issues. Physical access to data is hindered if outside the state and leaves the client reliant on broadband. It is also important to note that cheap online backup has been available for some time in the U.S., India and China but the uptake of these services by Irish clients has been very modest. It would appear that the scramble to reduce I.T. costs is in the main conscientious from the point of view of avoiding compliance and availability issues.
Online backup at commercial level is for the moment a difficult service to export and has a keen following at domestic level in mature markets.

Want to continue in business? Get business continuity.

Tuesday, October 14th, 2008
Business person without data protection today! Donkey!

All the talk these days is based around the global credit crisis, recession, future outlook and financial opinion. It would appear that one person's opinion is as likely to be wrong or right as that of any other. The abiding consensus among business people, who by their nature tend to be optimists, is that the good times will come back. Sounds hopeful? Yes, but it is also something that is likely to be proved right in time, as was the previous vision of meltdown provided by economists.

These people in the main therefore want to continue in business. They had better get business continuity in place. The better ones will. Business continuity is essential for many reasons including, but not limited to, data compliance, client protection, data availability and indeed business survival.

So, what must one do? In a nutshell (and that is all this post is) you need to ensure that the data you retain passes the following criteria.

Permissible : You must ensure you have the right to retain data regardless of format.

Backed up : In addition to ensuring that data does not get into the wrong hands you must also ensure that it remains available to you.

Protected : You must take adequate measures to ensure that any access to this data is appropriate and by appropriate persons. Do not confuse this with backup. Just because you retain a copy of data does not mean it is safe from unauthorised persons.

Revised : Data store compliance needs to be managed. Any data which you held with permission and rights last month may not be yours to use today.

Destroyed : You must remove data before it passes its appropriate usage date. Simple deletion is not actual deletion. A simple delete function merely tells the system to mark the data as not required should hard drive space become needed. Modern drive sizes dictate that in many cases this rarely or never happens. You could be shocked and more seriously affected by the amount of supposedly deleted data which could be retrieved with minimal effort from your systems.

Managed : All of these factors need to be managed in conjunction with each other. This may require software, hardware and outside assistance. Most regions and many industries also require the appointment of a data protection officer. In small business environments this is generally someone with other existing tasks.

Sounds expensive? It need not be.

Sounds like a requirement? Yes (with variances on requirement level depending on location and industry)

Sounds urgent? Now is a good time. Anytime after a data outage is too late.

Sounds important? How would your clients feel if they felt the data you have relating to them was not protected? Not to mention the consequences of it becoming public as a consequence of your non-compliance.

Sounds scary? No soundbites or frighteners here. This is reality.

Want to take action?

Contact backupantime today and speak in absolute confidence with Ireland’s favourite online backup providers.

Interview with Struan Robertson, technology lawyer with Pinsent Masons.

Tuesday, September 30th, 2008
If you have sought expert legal advice pertaining to data and technology at corporate level you may be familiar with Pinsent Masons. If you have searched Google even on a cursory level for data protection information you will likely be very familiar with out-law.com, of which Struan Robertson is editor.
Our privilege in running this interview is very much to the advantage of our readers. For this we thank Struan.
Introductory detail.
 
Name : Struan Robertson
 
Company : Pinsent Masons
 
Position : Legal Director, Pinsent Masons and Editor, OUT-LAW.COM
Marital status, family members : Married
 
Education / Qualifications 
I did my law degree and diploma at Strathclyde University - then somehow scraped my way through a beginner’s class in Java programming.
 
Pastimes / Hobbies : Running, skiing, movies
 
Q : What type of car do you drive? 
A : Chrysler
 
Q : What area of law do you most enjoy? 
A : Internet law. It develops far faster than other areas of law, which keeps it interesting, and for a technology enthusiast there’s nowhere else to be.
 
Q : Given that out-law.com was first registered over ten years ago, why is it, do you think, that Pinsent Masons were so far ahead of their time in seeing the benefits of investing in a legal information and discussion site distinct from their own domain?
 
A : We weren’t first to register the name; we bought it in 1999 for, I think, CAN$5,000. More recently we were able to buy Outlaw.com (no hyphen) for US$25,000, though we never had any plan to use it. We launched OUT-LAW in May 2000. We aimed to become the leading online legal brand and the leading brand for online legal services.
The legal profession moves forward at glacial speed, so it’s not hard to stand out from the crowd - it just takes a bit of courage. Ours is a more innovative firm than most, I think - I’ve always thought this firm has a strong entrepreneurial spirit. Working on OUT-LAW felt rather like working at a start-up, but we’d have canned it if it hadn’t worked. Fortunately, it works very well for us. We take the view that clients won’t pay for basic legal information but they will pay for legal advice. So we’re giving away the basic legal information. Clients really appreciate that and OUT-LAW helps us to win their work. We recognised that people will use Google for legal research before coming to any law firm website, including our own - so we make sure that our pages are easy to find through Google. I’m surprised that so few firms do that.
 
Q : What are the work achievements of which you are most proud? 
 
A : This year we became the first law firm ever to win a Webby. That was a great accolade for us. But I suppose the thing that matters most is that we have also helped a lot of businesses over the past 8 years and we have won a lot of work directly or indirectly through OUT-LAW. Companies recognise from OUT-LAW that we know what we’re talking about and that we can communicate in plain English, not legalese. All firms claim to have those skills; we prove it.
 
Q : Do you believe that data compliance has become overly complicated for small business or that there is little excuse for non-compliance in an era when information on compliance requirements and readiness is pervasive throughout the Internet?
 
A : Most businesses will experience data compliance challenges and occasional oversights. Sometimes a problem is resolved easily by following free guidance; sometimes specialist advice is needed. Businesses in the UK are covered by laws that are fairly general in nature, that can be re-interpreted as technology moves on. That’s better, in my view, than the US approach where the laws change frequently because they are technology-specific. There are also more laws to keep up with in the US, at state and federal level.
 
Q : What general advice would you give to business startups with regard to data protection and compliance? 
 
A : There’s a lot of useful free guidance out there, so read that first. Do get advice from a specialist with your data collection notices, though, because if you get that wrong at the start, you can build a business on a collection of data that was unlawfully obtained. We don’t hear much about enforcement action, so people may think they can run that risk. But if you come to sell your business in the future, you can bet that the lawyers for the purchaser will hammer you down on price if they can argue that your database was built illegally.
 
Q : Do you believe that the traditional high street general practice legal firm is equipped to deal with compliance issues or that business owners and managers should seek specialist advice in this area?
 
A : As you would expect, I’d recommend seeing the specialist. You’ll find that many high street lawyers will recommend the same thing - we often get referrals from other solicitors.
 
Q : Is there a compliance point beyond which a company can consider themselves to have done all they can do or is it possible for a company with good practice and intentions to suffer sanctions as a consequence of say a theft involving data? 
 
A : The sanctions for data thefts to date have generally focused on failings in systems and controls. If you follow best practice guidance, sanctions are less likely, though clearly a data theft can still be very damaging.

Q : With all the focus on cyber criminality and corporate responsibility, what responsibilities do you believe members of the public have on an individual level in protecting their personal data?

A : Very few. The current Banking Code, which is part of most consumers’ contracts with their banks, sets certain expectations for online banking. It says, in effect, that users must keep their anti-virus and firewall software up to date or they could be liable if their accounts are cleaned out by criminals. But if weak security on a consumer’s PC is to blame, it’s not reasonable to hold that individual liable for the loss for failing to install the latest patch. I suspect most banks would take the same view. But if one bank does try to hold a customer liable for his or her weak security, I can’t see a court upholding that requirement. The focus has to remain on effective layers of security. Consumers must be provided with identification and authentication systems that are secure and easy to use. We’re not there yet. For as long as websites continue to ask for your mother’s maiden name, there is work to be done.
 
Visitors, want to see more who’s who in data? Then watch next week’s who’s who in data.
