Data loss compensation in Europe
Thursday, August 28th, 2008

Data loss is something you may read about frequently. You may have had your own details breached, or you likely know someone who was affected. It is far less likely that you know someone who was compensated due to data loss. When was the last time you heard of data loss compensation? It is quite possible that data about you has been lost and you were not informed. It is much less likely that you will ever be compensated for any data loss incident.
With all the coverage data loss stories get in the newspapers, on television, on radio and indeed on blogs, it is remarkable that most people will never have heard of a data loss compensation case, let alone know someone who was compensated. This is not specific to Europe, but given the existence of a European commissioner and data commissioners in every member state, Europe is a good place to start.
Data loss is on an upward climb, and data loss awareness has certainly not been left behind. The media's continued coverage of data loss stories is a good indication not necessarily of the dangers presented by data loss (which are very real) but more so of the keen interest the public has in data loss news stories.
Some may believe that a data loss news story about a bank or corporation is near punishment enough for that institution. This may have been the case some time ago when the number of data loss news stories was minimal compared to now. Today however, a single data loss story will struggle to stand out.
Large businesses appear to continue without great difficulty after a data breach. The situation has become so common that some people may consider the occasional data loss event as normal! How come?
Here are some of the reasons.
Sanction.
Some of the possible sanctions which exist for data loss may appear quite serious to an individual or a small business, but given that sanctions are applied on a per-incident basis and not on a per-person-affected basis, they don't actually have much effect on the bottom line, and therefore on the planning, of a bank or large corporation. What effect will a fine of one or two million Euros have on a major financial institution?
Breach procedure.
The existence of data protection legislation and data commissioners is intended to provide a level of protection for the public. The number of cases has now reached such a level that an organisation can take the procedures adopted and the outcomes of prior cases as a learning curve in how to deal with a breach from the organisation's viewpoint. A basic example is that simply reporting an incident on time (no matter how serious the incident is) removes that incident from the worst-case-scenario list. Organisations will use this, and spokespersons will repeatedly say things like "The incident was reported within an appropriate time frame", giving credence to an organisation which has compromised individuals due to its own failure to implement safeguards.
Compensation.
Data loss compensation is the most important issue here. You are not entitled to compensation because an organisation lost your data. If you need to read that last line again, go ahead. This applies even if the company lost your name, address and bank account number. The data loss has to result in a specific problem, such as a crime against you, and you need to be able to clearly demonstrate the link. This is rare and unusual compared to the number of people about whom data is lost.
Number of events.
The number of data loss events reduces the significance of any one story and therefore the impact on the organisation involved. The apparent across-the-board inability of large numbers of organisations to protect data is actually, to a degree, legitimising their inaction.
Compensation requirement.
Large fines for corporations are not working. Prosecution at CEO level is always difficult and could be unfair. It's all too easy to say a CEO is responsible for the business, but most moderate people would agree that a line must be drawn somewhere.
A small standardised data loss compensation amount per individual could change everything. This would result in large corporations increasing protection, as one mass data loss could hurt. It would also provide recognition that to lose someone's data in a manner which puts it in the wild is wrong, and is a wrong against that person.
By all means, if people were significantly affected by a data loss, the door would be open for greater compensation at the individual case level, but one thing (of many) that is needed to greatly increase protection and data respect is a small per-person, per-case standard amount.
This would not be difficult to implement in Europe (if the will is there), as we have a broadly common framework and this area is in its infancy (one hopes, given the apparent lack of control) and clearly needs broad, common action.
The specifics of the amount are not important, provided it is small enough to be accepted by industry and large enough to make data loss prevention a serious issue.