Data loss versus data security: Know the difference to prevent breaches
“Data security.” Organizations and individuals have varied interpretations of the phrase and how it connects to “data loss.” While these two terms are related, it’s important to know the difference, because you can’t prevent data loss until you understand how it stems from data security decisions.
Data loss happens when data leaves your building unannounced. It’s a singular event (or a repeating one, if you’re in dire straits.) Data security, however, is ongoing. It includes the practices you put in place to prevent that data from exiting without authorization in the first place.
The difference between the terms is about more than just semantics. Lost data, sensitive or not, tends to follow the lack of structure in a data security program. If you experience a breach or a hack, your may ask yourself:
- How did this happen?
- Is it my fault?
- What can I do to ensure it doesn’t happen again?
Answering the first two questions is challenging for many companies. They are often unsure of how data loss occurred, let alone who is responsible, although auditing the data can uncover patterns that answer those questions. The answer to the third question is more straightforward. To prevent data loss:
- Have the audit before the audit. Why have third parties crawl through your data before you do? Get the tools to do it yourself.
- Learn what’s in your data. Keep your eyes wide open to what’s in there and make your best effort to remediate risks.
- Uncover and analyze past incidents to inform future data security practices.
- Embed data-awareness into your compliance routine. Have a record of your findings.
- Do more than follow industry news about data loss; act on it.
- Make the security investments today that will save you breach-associated costs tomorrow.
You can track every data loss incident back to a data security decision. To avoid that, learn the steps to stronger data security and implement them.1 Like