What controls would you implement to prevent unauthorized data transfers by employees at a company? How might these controls affect employee productivity?
Having a risk matrix with the likelihood and impact of breach would be a good start to prioritize data security. Encryption on storage drives and individual files can help block the normal data view for anyone. Limiting data collected always helps the business to manage its security of it. Any data that is not being used should be deleted to save storage and energy on it. Sensitive data should;t allowed stored on physical storage such as USB, permission on data should be limited and restricted.
Also, ensure that the devices can be supported and updated remotely. Verify the mechanism are in place to prevent data from being Exfiltrated from the device. You should restrict who has access to information systems and infrastructure because this will leave your system vulnerable and Visitors should be clearly identifiable and limited IT department access to employees who are for you.
Limit keys to a single, specific purpose: Each key should be used for only one application and purpose. Set the appropriate key strength based on the intended purpose for which the key was created, reusing the same key can lead to key compromise.
Implement robust key management: key lifecycle, key storage and backup, access protection and restrictions
The most important control would be to implement the principle of least privilege. To implement this principle, you need to lay out all tasks and create user profiles to enable segregation of duties. You can then use role-based access controls (RBAC) to restrict permissions to each user, machine, or service account’s specific needs. Some other measure would be to maintain a comprehensive logs and audit trails, Keeping an audit trail is an essential part of key management as it helps keep track of everything that has happened in the system. Centralized key management helps simplify all the management processes by managing all keys in a single pane of glass. The key manager does all generation, storage, rotation, and retirement of keys, and all operations are then synchronized across all data points.
Magnetic tape is a traditional back-up medium that offers the lowest cost per bit of all back-up mediums. The low price per bit comes at the cost of speed in both reading and writing the data.
I’ve worked in environments where tape is used as an archival back-up that is stored off site. The set-up allowed for faster back-ups to take place on hard drives with long term storage being written to tape once per month. This process was labor intensive and required a good amount of time to make sure this worked as expected.
Hi Matt,
As your explanation about magnetic tape, with per month schedule to back-up data, the organization will take a risk to loss one-month data. Moreover, the quality of data will depend on the condition of magnetic tapes. Furthermore, the repeat of storing the same data can happens.
Corey,
This was my initial reaction to “magnetic tape”, as well. While I don’t have any experience with it personally, I know that it is still widely popular. While it may be a very slow process of backing up data, it can still be useful because it allows you to store a ton of data in a very compact space, in comparison to some of the newer, larger formats. It also doesn’t hurt that it’s a much cheaper method of doing so.
As backed-up data must be physically stored, these options are called backup media. The traditional backup option is magnetic tape, which looks like old music or a VHC cassette. Unfortunately, it is a slow process.
I have never experienced data backups with magnetic tape method.
As a lot of companies are migrating to cloud, They are responsible for protecting the data in cloud. What measures should the companies take to protect their data ?
1. As the company decides to migrate to the cloud system, it should pick one that encrypts files in the cloud and computers.
2. Reading user agreements is crucial to understand how service protects information and how permissions work on your data stored in the cloud.
3. Privacy settings should be set up (configurations). Deciding on how long the service will be storing data and which type of information cloud systems can pull from devices that companies own/use.
4. Strong passwords/2FA is important to have.
5. Anti-malware tools
Miray makes great points! I would just add to her #2 “Reading user agreements is crucial” section that companies should pay special attention to agreements on data ownership. Occasionally, cloud service providers state in the agreements that they own some or all of the data once it is in the cloud. This can result in difficulty switching cloud service providers and difficulty ensuring the security of data left behind once you leave to work with a different provider.
I agree with all of Miray & Amelia’s points, and I would also add it’s important for an organization to actively test the cloud’s security system. They can do this by having a team of experts actively look for flaws to identify where changes can be made. The cloud is still a constantly changing entity, and it’s important to always ensure there are no noticeable vulnerabilities and security mechanisms are operating as intended.
Both cloud and local backup serve the same function of data management which is vital to every organization. The difference between the two is seen in the modalities of functioning. While local backup is mostly done onsite, cloud backup is offsite and minimal control of stored data is witnessed. Having a local data backup has been in existence for a long time and is popular among many organizations. Cloud backup typically requires internet connection where files get shared and stored in the clouds whereas, for local backup local storage tools and devices are necessary.
Both cloud backup and local backup are useful, and the choice will depend on individual circumstances. Regardless of the size of your business, developing a backup system is essential, and the only contention comes in choosing between the two primary forms of backups. A candid look of the pros and cons of cloud backup vs. local backup is crucial in making a choice on which type is suitable for you.
I would say cloud backup because it allows your company employees to access backup data from any place or any device and gets the advantage of collaborative working technologies. it is less expensive compared to local backup.
I think it is important to have both available and is hard to say which is truly better. Although they both server to backup the data they have different pros and cons. The benefit of using a cloud backup is that the data is saved in a different location. If there is an incident at the location where the data is stored that destroys the equipment, such as a tornado, the off location backup will ensure that the data will not be lost. The benefit of having a local backup is that the data is on site and ready to be accessed at any moment. It does not require any connection to the internet so can still be restored if there is an outage. It also can be restored at a much faster transfer rate than the cloud backups would.
Depends on the context of the situation. Depending on classification of data, a company may not want to store sensitive information on the cloud as it potentially increases the risk for a data leak. It also depends on the availability of the system as if cloud back-up is not directly available, a system administrator would have to take images or backups of the system and offload them on the cloud to a system that is capable of transferring to the cloud. At the same time, enterprise connected systems that do not contain sensitive data may utilize the cloud at ease – or in some cases if you specify data sensitivity for the eternal services, you’re providing then you can transfer the risk of cloud security to whatever organization is overseeing.
However, with local back up you can guarantee the longevity of the system by taking backups and storing them in cold storage. As well as enabling encryption at rest via bitlocker and storing them locally (via seperate computers or usb devices) cold storage and can manage data sensitive devices much easier. Especially if they aren’t connected to internet. However, physical backups pose a problem as they require more custodian management and often becomes much harder to manage then a service provider managing the backups.
Ultimately this would refer back to the system security plan (SSP) in how the system security objective impacts for local backups, and how the organization sees what the most secure and efficient way is of backing up data for their information system. Sorry for the long reply, it’s just something I think about since every information system has to implement security controls in different manners.
Some of the key benefits of backup and recovery include:
1. Have access to complete copies of your database.
2. Protect valuable data in the event of a network breach/physical disaster
3. Quickly backup + restore data when any issue arises
4. Increase confidence in your safety despite malicious threats
Hi Michael,
One of the most importance aspects of security and host hardening is data backup and recovery. Although it may feel like a hassle, it provides increased reliability and a peace of mind. Data loss can occur at any time and for all kinds of reasons. By backing up your data on storage media, you are ensuring that data will still be available in the event of a catastrophic failure of the host. The text mentions that your other protections will inevitably break down, and your backup practices will determine how much you lose in the long run.
Hi Mike,
I agree with Shubham and Elizabeth’s answers. The icon “backward” in Word, Excel, etc. and History tab in professional applications like Axcess, Caseware, etc. are samples of the pros to backing up data in RAM and/or a partial of hard drive treated like RAM.
Hi Michael, I think the biggest pro to backing up your data is having it in another location. If and when you may lose your data it is available on another device. Have you ever lost anything and had that feeling of relief knowing you backed it up?
Do you think that wiping/clearing data is sufficient enough deletion method for most equipment in a business setting? If so what instances would destruction of the media be an appropriate choice?
I work at Jefferson University Hospital, and all of the old equipment usually gets thrown out for recycling. Prior to recycling out the old hardware, the protocol is to wipe all of the previous data clean. From a security standpoint, I think the best option would be to shred the old hard drives. Physical destruction is definitely the best option; it guarantees that data will be unrecoverable and unusable.
Section 9.5 stated that Mesh backup is peer-to-peer backup onto other client computers and sends backup data in parcels to many other client PCs. Stored data redundantly so if a PC is offline all data are still available.
Hi Jason,
An emerging option for client PCs is mesh backup, in which the client PCs in an organization back up each other. A section in the chapter speaks on its technical problems such as security and PCs not always being available for packet retrieval. Nevertheless, what makes mesh backup desirable is the option for automatic client PC backup and limiting user failures.
Mesh backup, according to Section 9.5, is peer-to-peer backup onto other client computers that transmits backup data in packages to a large number of other client computers. Data is redundantly stored so that even if a PC is offline, all data is still accessible.
Depends on the company’s policies because of different types of data and different types of devices. The policy should address what data should be backed up how frequently it should be backup up and how frequently restoration should be tested. You should only retain data as it’s needed, whether that is a few months or at least five years. If you are storing retain data for longer, it will take unnecessary storage space and costs will be increased than needed.
I agree with both of the reasons made above, but regulatory compliance is usually the top concern for data retention, and this can assist the company in determining what data it is legally required to maintained for retention (and for how long).
Hi Mohammed,
In the chapter, under the strong access control policies for backup media section, it briefly explains why checkouts of backup media are suspicious. Access control implied that there are limited individuals in the organization that have access to the media in storage. Checkouts are rare therefore suspicious. If you think about it, it does not occur often given the consequences that can result if the media is lost, damaged, or stolen. Not to mention, retrieval is also rare. For this reason, every checkout should require the written permission of the manager of the person wishing to access tapes.
Full backups record all data within a computer while incrementally backups only record data that changed since the most recent full or incremental backup. Performing only full backups can take a lot of time and make it difficult to manage storage capacity. Incremental backups are helpful because they only capture data that has changed and significantly less amount of time to complete and ease the process of managing storage. Using a combination of both backup methods is typically the preferred way organizations backup their data.
Full backups save all the data that is present on whatever media is being backed up. For example if you are backing up a hard drive on a server, it will back up the entire drive every time the backup is scheduled to run. Incremental backups will save only the changes that have been made since the last backup has run. So in other words if you have only modified one or two files since the last backup, only those one or two files will be saved. Understanding this, it would be more efficient to use incremental backups. You can save time and network bandwidth by only backing up any information that has changed. Also, you will have to start with a full backup of the data initially so that the backup software knows what has changed. However, it is not bad practice to run a full backup every now and again just to be extra cautious even while running incremental backups. But in terms of max efficiency, an incremental backup is the better option.
Full backups save all of the data on a computer, whereas incremental backups save only the data that has changed since the last full or incremental backup.
Only performing full backups can take a long time and make managing storage capacity challenging.
Incremental backups are beneficial since they only record data that has changed and take substantially less time to complete, making storage management easier.
The most common technique for businesses to backup their data is to use a combination of both ways.
Chapter 9 discusses two types of triggers to detect malicious activity and noncompliance with security policies. Data Definition Language (DLL) triggers can be configured to detect any changes/modifications to the structure of the database and send notifications to the system admin to review for appropriateness. Data Manipulation Language (DML) triggers can be configured to detect any changes/modifications to data contained within a data structure and send notifications to the system admin to review the appropriateness of the activity.
You can use both training and technical controls to limit the risk of insiders transmitting sensitive data. Training helps to prevent any accidental transmission or transmission by someone who has been fooled by phishing. Technical controls like data loss prevention can stop users from being able to copy/send sensitive data. There isn’t really a 100% secure set-up but implementing these steps can help!
E-mail retention is essentially an organization-wide policy that dictates how long older emails should be kept before they are permanently wiped. A key benefit is that user’s may need to access an older email thread to assist in current business trends. A danger is that the longer these emails exist, the greater the risk that that information in these emails could be exposed, and their could be very sensitive information buried away on older emails.
Matthew Bryan says
What controls would you implement to prevent unauthorized data transfers by employees at a company? How might these controls affect employee productivity?
Miray Bolukbasi says
Having a risk matrix with the likelihood and impact of breach would be a good start to prioritize data security. Encryption on storage drives and individual files can help block the normal data view for anyone. Limiting data collected always helps the business to manage its security of it. Any data that is not being used should be deleted to save storage and energy on it. Sensitive data should;t allowed stored on physical storage such as USB, permission on data should be limited and restricted.
Mohammed Syed says
Also, ensure that the devices can be supported and updated remotely. Verify the mechanism are in place to prevent data from being Exfiltrated from the device. You should restrict who has access to information systems and infrastructure because this will leave your system vulnerable and Visitors should be clearly identifiable and limited IT department access to employees who are for you.
Miray Bolukbasi says
What are some of the controls to avoid encryption key loss, and how do you keep encryption keys safe?
Yangyuan Lin says
Limit keys to a single, specific purpose: Each key should be used for only one application and purpose. Set the appropriate key strength based on the intended purpose for which the key was created, reusing the same key can lead to key compromise.
Implement robust key management: key lifecycle, key storage and backup, access protection and restrictions
Shubham Patil says
The most important control would be to implement the principle of least privilege. To implement this principle, you need to lay out all tasks and create user profiles to enable segregation of duties. You can then use role-based access controls (RBAC) to restrict permissions to each user, machine, or service account’s specific needs. Some other measure would be to maintain a comprehensive logs and audit trails, Keeping an audit trail is an essential part of key management as it helps keep track of everything that has happened in the system. Centralized key management helps simplify all the management processes by managing all keys in a single pane of glass. The key manager does all generation, storage, rotation, and retirement of keys, and all operations are then synchronized across all data points.
Corey Arana says
What is magnetic tape and you ever used it in backing up your data?
Matthew Bryan says
Magnetic tape is a traditional back-up medium that offers the lowest cost per bit of all back-up mediums. The low price per bit comes at the cost of speed in both reading and writing the data.
I’ve worked in environments where tape is used as an archival back-up that is stored off site. The set-up allowed for faster back-ups to take place on hard drives with long term storage being written to tape once per month. This process was labor intensive and required a good amount of time to make sure this worked as expected.
Hang Nu Song Nguyen says
Hi Matt,
As your explanation about magnetic tape, with per month schedule to back-up data, the organization will take a risk to loss one-month data. Moreover, the quality of data will depend on the condition of magnetic tapes. Furthermore, the repeat of storing the same data can happens.
Corey Arana says
Thanks for the reply Matt, when I saw magnetic tape in the chapter, it made me think of the time of recording and making copies of VHS home movies.
Alexander William Knoll says
Corey,
This was my initial reaction to “magnetic tape”, as well. While I don’t have any experience with it personally, I know that it is still widely popular. While it may be a very slow process of backing up data, it can still be useful because it allows you to store a ton of data in a very compact space, in comparison to some of the newer, larger formats. It also doesn’t hurt that it’s a much cheaper method of doing so.
Miray Bolukbasi says
As backed-up data must be physically stored, these options are called backup media. The traditional backup option is magnetic tape, which looks like old music or a VHC cassette. Unfortunately, it is a slow process.
I have never experienced data backups with magnetic tape method.
Shubham Patil says
As a lot of companies are migrating to cloud, They are responsible for protecting the data in cloud. What measures should the companies take to protect their data ?
Miray Bolukbasi says
1. As the company decides to migrate to the cloud system, it should pick one that encrypts files in the cloud and computers.
2. Reading user agreements is crucial to understand how service protects information and how permissions work on your data stored in the cloud.
3. Privacy settings should be set up (configurations). Deciding on how long the service will be storing data and which type of information cloud systems can pull from devices that companies own/use.
4. Strong passwords/2FA is important to have.
5. Anti-malware tools
Amelia Safirstein says
Miray makes great points! I would just add to her #2 “Reading user agreements is crucial” section that companies should pay special attention to agreements on data ownership. Occasionally, cloud service providers state in the agreements that they own some or all of the data once it is in the cloud. This can result in difficulty switching cloud service providers and difficulty ensuring the security of data left behind once you leave to work with a different provider.
Alexander William Knoll says
I agree with all of Miray & Amelia’s points, and I would also add it’s important for an organization to actively test the cloud’s security system. They can do this by having a team of experts actively look for flaws to identify where changes can be made. The cloud is still a constantly changing entity, and it’s important to always ensure there are no noticeable vulnerabilities and security mechanisms are operating as intended.
Yangyuan Lin says
Local backup or cloud backup, which one is better?
Shubham Patil says
Both cloud and local backup serve the same function of data management which is vital to every organization. The difference between the two is seen in the modalities of functioning. While local backup is mostly done onsite, cloud backup is offsite and minimal control of stored data is witnessed. Having a local data backup has been in existence for a long time and is popular among many organizations. Cloud backup typically requires internet connection where files get shared and stored in the clouds whereas, for local backup local storage tools and devices are necessary.
Both cloud backup and local backup are useful, and the choice will depend on individual circumstances. Regardless of the size of your business, developing a backup system is essential, and the only contention comes in choosing between the two primary forms of backups. A candid look of the pros and cons of cloud backup vs. local backup is crucial in making a choice on which type is suitable for you.
Mohammed Syed says
I would say cloud backup because it allows your company employees to access backup data from any place or any device and gets the advantage of collaborative working technologies. it is less expensive compared to local backup.
Ryan Trapp says
I think it is important to have both available and is hard to say which is truly better. Although they both server to backup the data they have different pros and cons. The benefit of using a cloud backup is that the data is saved in a different location. If there is an incident at the location where the data is stored that destroys the equipment, such as a tornado, the off location backup will ensure that the data will not be lost. The benefit of having a local backup is that the data is on site and ready to be accessed at any moment. It does not require any connection to the internet so can still be restored if there is an outage. It also can be restored at a much faster transfer rate than the cloud backups would.
Michael Duffy says
Depends on the context of the situation. Depending on classification of data, a company may not want to store sensitive information on the cloud as it potentially increases the risk for a data leak. It also depends on the availability of the system as if cloud back-up is not directly available, a system administrator would have to take images or backups of the system and offload them on the cloud to a system that is capable of transferring to the cloud. At the same time, enterprise connected systems that do not contain sensitive data may utilize the cloud at ease – or in some cases if you specify data sensitivity for the eternal services, you’re providing then you can transfer the risk of cloud security to whatever organization is overseeing.
However, with local back up you can guarantee the longevity of the system by taking backups and storing them in cold storage. As well as enabling encryption at rest via bitlocker and storing them locally (via seperate computers or usb devices) cold storage and can manage data sensitive devices much easier. Especially if they aren’t connected to internet. However, physical backups pose a problem as they require more custodian management and often becomes much harder to manage then a service provider managing the backups.
Ultimately this would refer back to the system security plan (SSP) in how the system security objective impacts for local backups, and how the organization sees what the most secure and efficient way is of backing up data for their information system. Sorry for the long reply, it’s just something I think about since every information system has to implement security controls in different manners.
Michael Galdo says
What are the pros to backing up your data?
Shubham Patil says
Some of the key benefits of backup and recovery include:
1. Have access to complete copies of your database.
2. Protect valuable data in the event of a network breach/physical disaster
3. Quickly backup + restore data when any issue arises
4. Increase confidence in your safety despite malicious threats
Elizabeth Gutierrez says
Hi Michael,
One of the most importance aspects of security and host hardening is data backup and recovery. Although it may feel like a hassle, it provides increased reliability and a peace of mind. Data loss can occur at any time and for all kinds of reasons. By backing up your data on storage media, you are ensuring that data will still be available in the event of a catastrophic failure of the host. The text mentions that your other protections will inevitably break down, and your backup practices will determine how much you lose in the long run.
Hang Nu Song Nguyen says
Hi Mike,
I agree with Shubham and Elizabeth’s answers. The icon “backward” in Word, Excel, etc. and History tab in professional applications like Axcess, Caseware, etc. are samples of the pros to backing up data in RAM and/or a partial of hard drive treated like RAM.
Corey Arana says
Hi Michael, I think the biggest pro to backing up your data is having it in another location. If and when you may lose your data it is available on another device. Have you ever lost anything and had that feeling of relief knowing you backed it up?
Ryan Trapp says
Do you think that wiping/clearing data is sufficient enough deletion method for most equipment in a business setting? If so what instances would destruction of the media be an appropriate choice?
Joshua Moses says
I work at Jefferson University Hospital, and all of the old equipment usually gets thrown out for recycling. Prior to recycling out the old hardware, the protocol is to wipe all of the previous data clean. From a security standpoint, I think the best option would be to shred the old hard drives. Physical destruction is definitely the best option; it guarantees that data will be unrecoverable and unusable.
Jason Burwell says
What makes Mesh Backup desirable?
Mohammed Syed says
Section 9.5 stated that Mesh backup is peer-to-peer backup onto other client computers and sends backup data in parcels to many other client PCs. Stored data redundantly so if a PC is offline all data are still available.
Elizabeth Gutierrez says
Hi Jason,
An emerging option for client PCs is mesh backup, in which the client PCs in an organization back up each other. A section in the chapter speaks on its technical problems such as security and PCs not always being available for packet retrieval. Nevertheless, what makes mesh backup desirable is the option for automatic client PC backup and limiting user failures.
Oluwaseun Soyomokun says
Mesh backup, according to Section 9.5, is peer-to-peer backup onto other client computers that transmits backup data in packages to a large number of other client computers. Data is redundantly stored so that even if a PC is offline, all data is still accessible.
Amelia Safirstein says
What are some of the factors that should be considered when building a data retention policy? How would you decide how long to retain data?
Mohammed Syed says
Depends on the company’s policies because of different types of data and different types of devices. The policy should address what data should be backed up how frequently it should be backup up and how frequently restoration should be tested. You should only retain data as it’s needed, whether that is a few months or at least five years. If you are storing retain data for longer, it will take unnecessary storage space and costs will be increased than needed.
Amelia Safirstein says
Great points, Mohammed! I would just add that laws and industry standards should be reviewed when making decisions on retaining certain types of data.
Oluwaseun Soyomokun says
I agree with both of the reasons made above, but regulatory compliance is usually the top concern for data retention, and this can assist the company in determining what data it is legally required to maintained for retention (and for how long).
Hang Nu Song Nguyen says
I agree both Mohammed and Amy. Moreover, business needs and organizational culture should include.
Mohammed Syed says
Why are checkouts of backup media suspicious?
Elizabeth Gutierrez says
Hi Mohammed,
In the chapter, under the strong access control policies for backup media section, it briefly explains why checkouts of backup media are suspicious. Access control implied that there are limited individuals in the organization that have access to the media in storage. Checkouts are rare therefore suspicious. If you think about it, it does not occur often given the consequences that can result if the media is lost, damaged, or stolen. Not to mention, retrieval is also rare. For this reason, every checkout should require the written permission of the manager of the person wishing to access tapes.
Elizabeth Gutierrez says
What is the difference between full and incremental backups and which method is the most efficient to use?
Bryan Garrahan says
Full backups record all data within a computer while incrementally backups only record data that changed since the most recent full or incremental backup. Performing only full backups can take a lot of time and make it difficult to manage storage capacity. Incremental backups are helpful because they only capture data that has changed and significantly less amount of time to complete and ease the process of managing storage. Using a combination of both backup methods is typically the preferred way organizations backup their data.
Ryan Trapp says
Full backups save all the data that is present on whatever media is being backed up. For example if you are backing up a hard drive on a server, it will back up the entire drive every time the backup is scheduled to run. Incremental backups will save only the changes that have been made since the last backup has run. So in other words if you have only modified one or two files since the last backup, only those one or two files will be saved. Understanding this, it would be more efficient to use incremental backups. You can save time and network bandwidth by only backing up any information that has changed. Also, you will have to start with a full backup of the data initially so that the backup software knows what has changed. However, it is not bad practice to run a full backup every now and again just to be extra cautious even while running incremental backups. But in terms of max efficiency, an incremental backup is the better option.
Oluwaseun Soyomokun says
Full backups save all of the data on a computer, whereas incremental backups save only the data that has changed since the last full or incremental backup.
Only performing full backups can take a long time and make managing storage capacity challenging.
Incremental backups are beneficial since they only record data that has changed and take substantially less time to complete, making storage management easier.
The most common technique for businesses to backup their data is to use a combination of both ways.
Michael Duffy says
What are good event triggers for a database that will tell us if there is malicious activity?
Bryan Garrahan says
Chapter 9 discusses two types of triggers to detect malicious activity and noncompliance with security policies. Data Definition Language (DLL) triggers can be configured to detect any changes/modifications to the structure of the database and send notifications to the system admin to review for appropriateness. Data Manipulation Language (DML) triggers can be configured to detect any changes/modifications to data contained within a data structure and send notifications to the system admin to review the appropriateness of the activity.
Hang Nu Song Nguyen says
How to prevent insiders to transmit sensitive data?
Amelia Safirstein says
You can use both training and technical controls to limit the risk of insiders transmitting sensitive data. Training helps to prevent any accidental transmission or transmission by someone who has been fooled by phishing. Technical controls like data loss prevention can stop users from being able to copy/send sensitive data. There isn’t really a 100% secure set-up but implementing these steps can help!
Ornella Rhyne says
What is/are the tools used to write data to an array of hard drives?
Bryan Garrahan says
What are some methods one can perform or architectures that can be used to ensure their database(s) are properly placed logically within a network?
Joshua Moses says
What is e-mail retention? Are there any there any benefits or dangers related to it?
Alexander William Knoll says
E-mail retention is essentially an organization-wide policy that dictates how long older emails should be kept before they are permanently wiped. A key benefit is that user’s may need to access an older email thread to assist in current business trends. A danger is that the longer these emails exist, the greater the risk that that information in these emails could be exposed, and their could be very sensitive information buried away on older emails.
Alexander William Knoll says
What do you consider to be the most effective way of backing up data, and where do you see back-up methods going in the near future?