Retail Businesses: Prepare for the Worst-Case Scenario
August 1, 2012
Whether you have one shop or 500, or you’re a totally online storefront, cyber-thieves thirst for your customer information. Here’s how to ensure secure backups and data restoration after a breach.
In retail, ensuring secure data backup is just as important as security measures on the front end of a transaction.
Welcome to your waking nightmare: A hacker finds a pathway into your computer servers and lifts thousands of your trusting customers’ credit and debit card numbers. As a result, you sustain losses well into the seven-digit range.
It gets worse. On top of the cost of retrofitting your technology to withstand future hacks, your company will very likely also be paying fines—yes, that’s right—to each state in which you do business. Why? Because you violated their customer-information privacy regulations.
When a data-security breach leads to litigation, you don’t need the additional pain and costs that come with struggling to find data and produce requested information. A retail business should prepare for this or any other type of scenario in which it may need to retrieve information from backup media—whether that’s a legal discovery, an audit, or data loss from a hack.
In addition to database backup, your company—and its private customer data—will be even better protected by employing the following technologies:
- Continuous data protection: Preserve the continuity of your retail operations during a crisis.
- Data encryption: Ensure that data cannot be intercepted in flight or at rest.
- Backup lifecycle management: Move inactive or archive data to more economical storage to reduce costs.
The Case for Tape Backup
In retail, secure data backup and archiving is just as important as security measures on the front end of a transaction. And while the buzz continues to build around cloud-based backup solutions, tape still makes a lot of sense for backing up large amounts of data. One huge reason is that it cannot possibly be pried into—it’s offline, not sitting actively available on a network.
In fact, there’s no good technical or economic reason to ditch your solid tape infrastructure altogether. For many retail enterprises, cloud, disk and tape can coexist in perfect harmony. Tape should at least be your heavy hitter batting in the cleanup position.
If You Can’t Beat ’Em, Join ’Em: Hybrid Solutions
It can make a lot of sense to integrate your tape libraries with newer technologies, such as disk and the cloud, to maximize speed and security and simultaneously extend tape drive and media life.
Key benefits of using tape as part of a cloud solution include:
- Significantly lower cost-per-gigabyte rates than disk-only cloud approaches
- Secure and reliable file storage capability with 256-bit AES encryption and WORM capability as selectable options for compliance, fixed content and archived data
- Rapid scaling and improved access times for fast-growing tier 3 applications with LTO-5 technology
- Less frequent drive and media conversions for tape than for disk with longer-life technology
Recent improvements in tape technology include:
- Unprecedented cartridge capacity increases, with the highest capacity of any storage device—up to 5 terabytes
- Longer media life, with new tapes rated to last up to three decades
- Improved drive reliability and vastly improved bit error rates
- Faster data rates than any previous tape technology—up to 250 megabytes per second
- The new Linear Tape File System (LTFS), which has changed the rules of access for tape, allowing data to be retrieved as is from disk or other removable media
With its combination of long media life, high reliability and a significantly lower total cost of ownership, tape remains the optimal remote and local offline storage solution for data protection and archiving.
Indeed, tape has gained momentum as the last line of defense if first-tier backups fail or become corrupted. And as data asset growth climbs into the stratosphere, tape is still the best choice for a range of applications, including long-term archiving for regulatory compliance.
The benefits of a tape-based backup architecture also include:
- Infinite scalability: Just add another cartridge to your tape library for more capacity.
- Ultra-high capacity: Tapes now provide up to 5 TB per cartridge. In November 2005, a T10000’s capacity was 500 gigabytes—that’s a tenfold improvement in a little more than five years.
You can’t anticipate every worst-case scenario for your business. But you can certainly cover your bases with some careful planning to make sure your retail data is as fully protected as possible. Tape provides a reliable, secure and cost-effective storage technology that should be part of every retailer’s mix.
Fallout from Security Breaches
It’s bad news when a hacker breaches a retailer’s database of consumer transactions, both for its customer relationships and, if the retailer is a public company, for its stock price. But even worse, many data breach notification laws now ascribe liability to the company if it failed to take certain precautions.
In essence, these laws view the company—though it’s been a victim of the cyber-attacker—as an accomplice of sorts for failing to adequately protect its consumer databases. Lawyers call this type of negligence, one step removed from the principal perpetrator, “downstream liability.”
Meanwhile, the Federal Trade Commission enforces data security through Section 5 of the FTC Act, prohibiting “unfair or deceptive acts or practices in or affecting commerce.”
What does this have to do your with data infrastructure? Plenty. Ensuring end-to-end security goes a long way toward not only minimizing the chance of data exposure but also proving that you’ve taken prudent steps to address the issue.
Do you have questions about data backup and recovery? Read additional Knowledge Center stories on this subject, or contact Iron Mountain’s Data Backup and Recovery team. You’ll be connected with a knowledgeable product and services specialist who can address your specific challenges.
Identify and Destroy: Your Two Step Ticket to Easier Information Compliance
Four Principles of More Compliant Archiving
Archiving to Tape: Your Key to Swift and Scalable Data Archiving