What can companies do about the security of private company information when it comes to employees using their own devices for work?
The most important thing for a company is to have a plan. Without it, you will be playing catch-up as employees bring their own mobile devices into work. Make sure you understand what data must be protected and the storage requirements necessary for it. There are many types of data, ranging from intellectual property to protected customer information such as personal financial information, customer credit card data (PCI), or protected health information (HIPAA). Each of these may require different levels of control and protection. In addition to information protected by laws and regulations, your contractual relationships may determine how data is accessed and where it is stored. Control and protection of information may range from basic vendor management, to encryption of data at rest, to prohibited devices. [Note: If you have PCI or HIPAA requirements, it is best to discuss this with a PCI or HIPAA expert.]
In the midst of spring come the severe weather threats of torrential rain, hail, and, more importantly, high winds and tornadoes. Many companies, especially small organizations, should be reviewing their disaster contingency plans. However, many do not have adequate business continuity plans, if any, or have heavily outdated plans that are not reviewed regularly from an IT perspective in the event of a disaster.
Five 9s, or 99.999%, refers to the desired availability of a given computer system. Having 99.999% availability means the system will deliver its service to the user 99.999% of the time it is needed. In total, the only downtime in a given year calculates out to five minutes and fifteen seconds. Five 9s is recommended for mission-critical data and e-commerce.
I get the pleasure of working with several refrigerator-sized storage subsystems capable of holding several hundred to thousands of spinning hard drives and solid state devices. These drives combine to store and service Petabytes of data. One of my main responsibilities is ensuring your data is available even if a few of those drives go bad and fail. I often get asked about data protection, so I thought I’d review one of the tools we utilize within our arsenal – RAID (Redundant Array of Independent Disks).
Many of you may be a little nervous about placing cardholder data in the “Cloud”. Don’t worry, this is a normal and welcomed concern. In February 2013, the PCI Security Standards Council released an Information Supplement titled PCI DSS Cloud Computing Guidelines. This supplement provides guidance to organizations that are going to be placing cardholder data in the “Cloud”.
How many of us receive e-mail on a monthly basis from our financial institution? With the technology that we have today I am guessing that most of us receive statement notifications electronically instead of via the post office. How many of us can actually tell whether or not the e-mail received is legitimate or from someone trying to obtain the username and password to your account? There are a few signs that you should look for before clicking on a link in any e-mail you receive.