General discussion


Protect data with various solutions

By editor's response ·
Tell us what you think about Mike Talon's advice on creating a DR plan with various components--based on the type of data that you need to protect--as featured in the Nov. 5 Disaster Recovery e-newsletter. Have you found a particular combination that works for your organization?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -


by admin In reply to Protect data with various ...

I have found that encasing the drives in "Gloopstick" keeps them in tip top fresh shape eternally. :)

Collapse -

Good points: Here's a few more thoughts

by ITSilk21 In reply to Protect data with various ...

I thought Mike Talon's comments were quite good. Having different solutions in a secure network, albeit from different hardware or software, can confuse hackers, which is a main goal.

I have found too that within an security endpoint's configuration, which is normally a 3 tiered architecture, that having hardened firewalls between each tier is paramount in protecting sensitive data & secure transmissions. IPsec is good, but it can be broken easily by a good hacker. Having each component of the 3 tier setup "not trust" each other, and having specific and logical security software between each component that looks for odd transactions/logons/etc. can also help ensure that encrypted data does not get captured and the server endpoint level,or that those could become owned post encryption which would be disastrous.

Collapse -

Great security points

by MikeTalonNYC In reply to Good points: Here's a few ...

Thanks for the feedback, these are indeed great points. I tried to stay away from the pure security topics due to the nature of the column as a DR resource, but I've always said that security and DR must work hand-in-hand.

Thanks again.

Mike Talon

Collapse -


by editor's response In reply to Protect data with various ...

This week's column ("Recognize the liability of sensitive data," Nov. 5, 2002) included an incorrect acronym. We identified the Health Insurance Portability and Accountability Act as HIPPA. The correct acronym is HIPAA. We apologize for any inconvenience this may have caused.

Collapse -

DR for Med Industry - HIPAA compliant

by chucks In reply to Protect data with various ...

Tech Republic,
I hate to "sell" on these forums, but what Mike Talon was dicussing is exactly what we do. I can send a brief description of the Accellion off-site, distributed, redundant BRS system for enterprise protection against loss of data, downtime, and regulatory issues surrounding HIPAA.

The benefits of the Accellion mBRS system are:
1.Bullet-proof Business Protection
2.Centralized Control and Manageability
3.Reliability and Efficiency
5.Scalability and Flexibility
6.Granular reporting to enable cost allocation and cost assignment
7.Immediate data access and retrieval
8. HIPAA compliance thru Patient Audit Record Tracking System and encryption.

This offering is an outgrowth of our intelligent globally distributed, large-file delivery, storage and management system, in operation since 1999.

The operating software can be downloaded and implemented in minutes, and provides rules-based controls, such as "roll over to tape after X days, months", levels of access and authentication, demand, proximity, etc.

Given the emphasis on "disaster recovery / business continuance" and HIPAA privacy requirements, we feel that this service could be a great value-add to existing Medical Community clients.

We can arrange a "hands-on" demonstration to assess the value and functionality of this service. It can be implemented economically by a 2-physician office, and scales up to the multi-facility , distributed healthcare enterprise.

Reply for data sheets, ROI analysis.

Chuck Scifers

Collapse -

Good approach, but is not at all

by edconstantino In reply to Protect data with various ...

The approach is ok, but I think the today's enterprises or little businnes need more than that...because they could have more than a few type of data to plann in the recovery.
I take the approach based on business areas, and the sensitiveness and degree of impact of a failure.
You could have excelent procedures, methods and rules to identify and protect your tapes (according the machines and sensitive of their contents)...but it shall become useless if the failure is at level of the communications infraestructure or worst than a simple hardware failure; think in terms of a building or a city (the Sept/11 event has a lot of thinks to "re-teach" us)...
The discussion shall must continue...

Related Discussions

Related Forums