Storage encryption: It might save UK businesses plenty

Why invest in a storage encryption strategy in the face of the new data recovery policy in the UK? Does the data storage recovery policy contradict the laws already in place for businesses that use data storage?  It may not contradict as much as people realise. Customers data still needs to be kept save and access limited to a few with authorised access.

Why is it good to have a data storage plan? What type of data will UK businesses be protecting? Is it customers’ telephone calls or credit card information? Depending on the type of data, a UK business may need to look into different encryption strategies. For example to protect against hackers, credit card information should be rendered unidentifiable and unreadable. Hackers won’t have a way of accessing credit card numbers and using them to make purchases online.

Why the UK law may seem Contradictory

It is no secret that as much as 26% of businesses employees admitted not understanding the new UK data privacy regulations. In part, the new law does seem to contradict itself, stating customer’s data from credit cards must be deemed unreadable. But, data from telephone calls must be stored. How can a UK business fully comply with the law and keep data safe without suffering any data loss that would jeopardise customers’ safety?

Do UK businesses simply make portions of the telephone calls with the credit card information irretrievable? Would this keep customer data safe? Should UK businesses invest in enterprise storage systems that have triple DES or AES security? Which is better? How can UK businesses best make certain they are in full compliance with a data storage plan?

Rotating a data key on a regular basis with safeguards in Place

All UK companies need to have some way of rotating encryption keys for their data. Having a strategy means companies will have access to files in the future and still be in compliance with UK data privacy laws. However, IT professionals must work closely with an attorney or legal team to access what data needs stored and how it is going to be used. Companies can also determine how much encryption they need to protect their networks and servers. Is it enough to use Smart flash drives for individual employee’s data? Should the company invest in triple DES encryption data storage?

While encrypted data storage solutions may be expensive, the question is can a company afford to the loss of valuable data is lost? It used to be company may only need to take a hard drive to a data loss professional to retrieve missing or lost data. With hackers and viruses designed to extract information, company heads may also need to consider the implications of being in violation of UK privacy laws. If data is not protected and a company is found in violation, it can be jail time for the company presidents, large fines for UK companies and the loss of customers.

How will your company respond to UK privacy concerns? If you do lose encrypted data by accident, it did you know a professional may still be able to retrieve the data? We recover data from hard drives, Memory sticks, Raid systems and more.