Many people use the terms protection and security interchangeably, but while they share some similarities, they entail distinct processes and outcomes. In the digital world, protection and security have more complex meanings as data has unique attributes and challenges: how do you protect and secure 1s and 0s?
Data protection refers to the mechanism of making copies of your data to restore in the event of a loss or corruption. Whereas, data security refers to the mechanism of keeping your data safe from unauthorised access and distribution.
Data security protects your data from unauthorised access that could result in comprised data, corruption, or deletion. Should your data security strategy fail, data protection facilitates the recovery of clean data copies.
We will attempt to explain the difference between data protection and data security with a couple of real-life examples.
Data Security: WannaCry ransomware renders contents unreadable by encrypting the files, and it denotes the affected data by appending “.WCRY” to the file name. It ransoms users to pay money to decrypt the files. If payment is not received, WannaCry will allegedly delete the files.
An attack of this nature is possible if your systems lack sufficient security to deny unauthorised access.
Data Protection: If you adequately protect your data with backups snapshots stored remotely to the primary data, then if a nefarious interloper compromises your data, you can recover clean copies from remote backup copies stored before the attack.
Storing backups or snapshots remote to the primary system adds an extra layer of security to your data protection copies.
Concerning WannaCry, if the systems were secured correctly in the first place, the ransomware would never have had access to the data, and the attack would never have occurred.
The World Trade Center Twin Towers were part of a larger complex of seven buildings covering 16-acres and was constructed and operated by the Port Authority of New York and New Jersey. Businesses located in Tower One backed up their data to a highly-secure data protection environment in Tower Two.
The protection strategists believed the data was both secure and protected within Tower Two and never considered that Tower Two could be compromised or destroyed at all, let alone in such horrific circumstances. You may be thinking that they were protecting their data—it was backed up to Tower 2, and it was secure, so what else could they have done? Blast radius or impact zone is another factor that you need to consider when designing a data protection and security strategy.
The Twin Tower tragedy resulted in a revolutionary change to data protection strategies: geographic segregation. Geographic segregation means storing copies of your primary data in a geographically separate location. However, making copies of data presents challenges when you consider the volume of data accumulated by most businesses today as well as the time and bandwidth needed to push that data to the geographically remote location. The advent of technologies such as deduplication, compression, and cloud storage have made timely geographic segregation of protected data possible. We will elucidate the value of these technologies and explore best practices in future deep-dive commentaries.
With their grid of geo-dispersed cloud service centres hosting operationally efficient, next-generation technologies, Digital Sense is an innovation leader in data security and protection. Digital Sense’s team of data protection and security experts believe technical excellence is non-negotiable and will tailor flexible and robust solutions that will guarantee the integrity of your data.
Did you know that you have certain statutory and legislative data protection obligations if you operate a business in Queensland? Find out in our article: Data Security Best Practices For Queensland Businesses