We talk a lot about security in the digital age and importance of preventing data loss, but the assurance that comes from knowing that in the event of a catastrophic failure to your home or business, your data will still be protected is priceless. Should your data center be destroyed or become inaccessible, having a fail-safe mechanism that guards and backs up your sensitive data can help you salvage most of it in events of a catastrophic failure. With the entire brain of an organization’s operation on a hard drive (in fact, several hard drives), having a data contingency plan is essential for the security and recovery of lost data. As part of this contingency plan, all electronic data is ideally backed up to alternate electronic media on a daily basis. This information is stored nightly at an alternate campus facility, and, rotated to a third-party storage facility on a weekly basis. Here are some scenarios that can cause in total data loss; be it individual data or data belonging to a multinational organization.
Accidental Deletion: This is the most realistic scenario and whether it’s caused by your own screw up or someone else’s, it can wreak havoc for your data unless you have the proper data back-up plan.
Hard Drive Crash/Virus: I hope you’ve never had to go through the pain of recovering important data from a crashed hard drive, but I have and it’s no fun.
Theft: What happens if someone takes your computer, and that nice looking backup drive that’s attached to it? With data thieves becoming smarter day by day, today, they don’t even need physical access to your computer to steal your data. All they will need is your computer connected to the internet and they can sabotage whatever information they needed.
Fire: Fire spells total loss to pretty much everything in your home; will your data survive?
Water Damage/Flooding: Between water and fire I’m not sure what’s more likely to happen, but around here we get hail and definitely have the potential for flooding
Data Security Contingency Plan
Your company’s data contingency plan should start with securing its data. In modern society all companies maintain critical information on computers. As such, some of the below security tips are a prerequisite prior to storing any data on a hard drive.
1. Identify what sensitive information you have, what you use it for and where it resides. Translation: inventory your company’s potentially sensitive information (e.g., customer credit card information) and document on which computers, servers and laptops it’s stored.
2. Isolate/segregate sensitive data. Keep sensitive information on the fewest number of computers or servers, and be sure to segregate it from the rest of your data and network if possible. “The fewer copies of data you have, the easier it is to protect,” said Jon Heimerl, the director of strategic security for Solutionary, a security services company that helps companies of all sizes design and manage better security programs and detect and prevent security events.
3. Encrypt sensitive data. According to Heimerl, encryption becomes even more important when your data is mobile. “There are many options to encrypt data via applications, databases or via security suites that can run, for instance, on a laptop. If you can encrypt the data, chances are good that, even in the event of a breach, the information will be safe from ultimate compromise. The HITECH Act, for instance, says you must report breaches of unsecured data. Encrypted data is considered secure.”
4. Use Secure Sockets Layer (SSL) or a similarly secure connection for receiving or transmitting credit card information and other sensitive financial data. Using a secure, encrypted connection such as SSL protects sensitive data while it is in transit across the Internet.
Data Recovery Contingency Plan
The second, if not just as important and critical as data security is the back-up plan to support the recovery of lost data. Because the actions you take upon experiencing a hard drive failure is critical to the recovery and salvaging of your company’s’ data:
– DO NOT open your hard drive and expose the media!!! There is nothing inside that needs the attention of a common user or do-it-yourselfer. Only a qualified hard drive data recovery engineer in a certified clean room environment should ever open a drive.
– DO NOT try to swap circuit boards on modern drives. There may be firmware/system area conflict issues that may cause major problems.
– DO NOT put your drive in the freezer and then try to spin it up. It is possible that moisture has condensed on the media surfaces. This WILL cause head contact if it has and will destroy the drive.
– DO NOT listen to your friends or continue to look for home remedies on the net such as the one mentioned above, seek professional help if you value the lost data.
– DO NOT continue to power cycle a clicking or non-responsive drive; it’s not going work for you and may make the drive unrecoverable. If it should come “ready” by some chance, the possibility of it loading the OS for you, “just one more time”, is a million to one.
– DO NOT install recovery software on the same drive/partition that you’re lost files are on, you will overwrite them with the installation.
– DO NOT run the recovery CD/DVD furnished with your PC. Most OEM helpdesk techs don’t care about your data; they only want the hardware back on line.
As long as you adhere to the above do not’s, the folks at Salvage data suggest you do the following prior to contacting the tech doctors:
– DO try to slave your drive into a working system to check for readiness and file system integrity. You may be able to copy your data with no problem if only the OS is corrupt or if there is a hardware issue with the original host computer.
– DO try an undelete demo from the net to see if what you’re looking for is available for recovery, if so, purchase the tool.
– DO seek professional help if you’re not 110% sure of what you’re doing. You can learn basic recovery procedures on an expendable system.
– DO back up your data early and often. It’s not if, it’s when.
This article is compiled by Raymond Ray, who is an Electrical Engineer and a Technology Writer and has a special interest in data security, backup mechanisms, contingency planning and everything that involves preventive measures against catastrophic failures that can result in severe data losses.