Data loss incidents, when an organization suffers the loss of valuable data, can cause considerable harm to the business. The loss may be as a result of a natural disaster, fire, or theft, and the impact can be irreparable. Yet statistics show that relatively few organizations adopt robust data protection policies. This is short-sighted because sensitive and important data is held in the cloud, and its loss, even if temporary, can hurt the organization.
Risk of Data Loss
The most likely reason for the loss of data is through a natural disaster, and interestingly, significant portions of the country are at risk in one way or other. Heavy flooding, hurricanes, and earthquakes have a wide geographical spread and one incident can affect a large area, so it’s important to consider not only the business location, but also the location of data servers. In addition to natural events, data may also be lost through fire and theft.
An easy way to understand the business risk is to ask one simple question: What if we lose our data?
According to a 2014 Global IT Study that surveyed 3,300 respondents, 64 percent of organizations experienced data loss in the last 12 months. The research highlighted that the cost to enterprises of lost data and downtime was $1.7 trillion.
Researchers found that although a high percentage of organizations had disaster recovery plans in place, relatively few had implemented effective data protection practices and less than half employed remote, cloud-based data protection.
Impact of Lost Data
There are two aspects of data loss that affect organizations. Firstly, there’s the loss of the data itself that may include essential operational information, critical customer data, and proprietary information, all of which affects the company’s ability to function. Secondly, there is downtime that inevitably arises from the incident as the organization works to recreate or recover the data. In the worst-case scenario, an organization might have to suspend operations for a period of time, resulting in lost revenue.
Apart from the short-term losses, businesses may incur ongoing difficulties that lead to the loss of customers, lower sales, and long-term reduction in revenue. In many instances this can mean closure or bankruptcy.
Based on the Global IT research, companies need to take the risk of data loss seriously and implement a workable disaster recovery (DR) plan.
Disaster Recovery Plan
Although a comprehensive DR plan needs to consider all aspects of disaster recovery, there can be no recovery if the data is not available. Consequently, at the core of the DR plan must be a process for ongoing data backup and remote storage. Should data be lost, this would mean that it can be recovered, operating systems restored, and business resumed with little delay.
Contingency planning must allow for the possibility of partial or complete loss of data. Additionally, apart from allowing for natural calamities, plans should factor in the risk of man-made catastrophes, such as fire, explosion, equipment failure, and data theft.
Every business faces the possibility of losing data in one way or another. It’s imperative to be ready for a disaster to strike, so that when it does, businesses are able to respond promptly and effectively to restore data and get back online.
Managing business operations in today’s virtual environment is an ongoing challenge. As more and more customers rely on the global access created through internet options, Voice over Internet Protocol (VoIP) has become a standard technology for many companies due to its incredible features and cost-effective benefits. But the emergence of new technologies also often means an increase in new ways of criminal hacking. Though hackers cannot be prevented 100 percent of the time, companies can certainly neutralize the threat to a great extent.
As so much sensitive information is transposed through Dual-tone Multi-frequency (DTMF) tones, a security breach over a VoIP system can spell disaster in more ways than one.
In fact, almost any business that performs operations through Time-division Multiplexing (TDM) and Internet Protocol (IP)-based voice frameworks through VoIP are susceptible to phone hackers (sometimes referred to as toll fraud). Not only are payments and financial information at risk, but confidential data collected from healthcare providers, engineering companies, and corporate structuring plans (like downsizing or mergers) are also in danger from phone hackers.
Simple. There is just no substitute for the cost-effective benefits of VoIP. And the eruption of VoIP usage has shown up on hacker radar because previously IP-based communication was centralized on local networks, which were typically protected from the public internet. However, that’s ancient history as more and more of VoIP traffic is routed through un-encrypted, public internet services by telephony providers.
It is hardly surprising, therefore, that there are many tools available now which make it simple, easy, and untraceable for hackers to infiltrate confidential phone conversations. Practically anyone with a little bit of tech savvy and basic research can start collecting and storing voice information from external IP networks overnight.
The Best Offense Is a Great Defense
Because of these increased risks, companies must rethink their supplier’s encryption protocols and safety measures. What may have been adequate when the VoIP was incorporated is most likely now out of date.
Here are the top five things to consider when questioning a VoIP supplier about the systems they have in place to combat phone-based cyber-crimes:
- Ask providers about their Session Initiation Protocol (SIP) trunking services. The system should feature automatic deactivation of any components that aren’t secure, as well as encryption capability for all calls.
- Companies that routinely record calls (a necessary quality control procedure for many businesses) must ensure that their telephony system conforms to ISO protection requirements outlined for storing sensitive information.
- For any payments conducted over the phone, companies must adhere to the Payment Card Industry Data Security Standards (PCI DSS). Also, it is vital that the VoIP provider allocates encrypted connections for payment data.
- Find out about Transport Layer Security (TLS) protocols. Protecting client/server applications from tampering or spying between transports is crucial for secure communications.
- Depending on the risk of remote access susceptibility, consider a Distributed Denial of Service (DDOS). This creates a direct access circuit that is only available for designated voice traffic.
The incredible cost benefits of VoIP through external IP networks are great. But knowing the heightened risk of phone hacking through open (or public) network VoIP can help companies prevent devastating breaches in data security by neutralizing the threat of confidential information from being intercepted.