Data breaches continue to dominate the IT newscape, with bigger and uglier data breaches being announced on a weekly basis. Just this past quarter saw several significant breaches including the LizaMoon SQL injection attacks and the Sony Playstation data breaches, among others.
Since 2005, in excess of 533 million total records containing sensitive personal information were exposed due to data security breaches. You can track the on-going data breach avalanche at Privacy Rights Clearinghouse web site if you so choose.
So what can be done? Of course, the proper response is to implement a comprehensive data protection plan that includes proper security, authorization, encryption, auditing, and backup. The fact that SQL injection attacks can still be successful in this day and age is shameful. The technique is basic and has been known for years… if proper coding practices are followed SQL injection could not succeed.
But ranting about proper security tactics is not the topic of today’s blog post (maybe a future blog post though)… Today I want to talk about a somewhat novel tactic in the on-going combat against data breaches–namely, data archiving. Considerable benefits can accrue by adopting a comprehensive database archiving strategy for your data.
Database Archiving is the process of removing selected data records from operational databases that are not expected to be referenced again and storing them in an archive data store where they can be retrieved if needed. But how can database archiving help combat data breaches? Well, let’s think about this. Operational systems are more prone to attack than archived ones. This is so because operational systems are more visible and active. Once data is archived it typically is not accessible using the operational transactions and reports.
Archiving inactive data that must be retained reduces the temptation of internal breach because the data is not as readily available. Likewise, database archiving can reduce the possibility of external breach because archived data is not usually exposed to large numbers of users over vast networks. Further protection can be bestowed upon your archive by using digital signatures and encryption. Encryption techniques on archived data are less problematic than operational data because response time and performance is not as critical for the archive.
Obviously data breaches are a big, lingering problem. And data breaches can be very costly. The bottom line is that archiving your data as soon as it is no longer required for operational purposes will minimize the risk of a breach. Of course, this is not the primary reason to archive data (that is to preserve your data for long periods of time in a storage construct that is designed for long-term retention and preservation of data). So, to combat the risk of data breaches, consider developing a comprehensive database archiving plan to protect your valuable data assets.