Data Security During Data Recovery
- Trends in the Security of Data Recovery Operations
Source: Ponemon Institute
This is the second national study conducted among IT security professionals and IT support practitioners on the security of data recovery operations for business and government organizations. Drive failures are increasing, the use of third party data recovery vendors is on the rise, and more data breaches are occurring as a result. Find out why. Download White Paper
- NIST Special Publication 800-34 Rev. 1: Contingency Planning Guide for Federal Information Systems
Source: National Institute of Standards of Technology – US Department of Commerce
This NIST publication provides instructions, recommendations, and considerations for federal information system contingency planning. Paragraph #5 of Section 5.1.3 (Protection of Resources) notes that: “Organizations should consider the security risk of having their data handled by an outside (data recovery) company and ensure that proper security vetting of the service provider is conducted before turning over equipment.” NIST added this language three months after learning about the risk of using third party data recovery service providers that do not have proper data privacy and data security protocols in place. Read Guideline
- HEIT Thought Leadership Paper: “Data Recovery Sleeper Risk”
Source: Paul Reymann, Chief Risk Officer at HEIT and co-author of the Gramm-Leach Bliley Act Data Protection Rule
Reyman comments on the risks of using data recovery vendors who have not been properly vetted. This white paper cites new regulatory and industry guidelines created to help organizations mitigate the risk, and best practices for engaging third party data recovery vendors. Download White Paper
- GCN Article: “Closing An Overlooked Vulnerability”
Source: Henry Kenyon, GCN Magazine
An interview with Marianne Swanson, NIST’s senior advisor for information systems security, about the importance of vetting third party data recovery vendors. Read Case Study
- Security of Data Recovery Operations
Source: Ponemon Institute
This is the first national study conducted among IT security professionals and IT support practitioners on the security of data recovery operations for business and government organizations. By following these recommended protocols, organizations can quickly gain control over a practice that is putting sensitive and confidential data at risk. Download White Paper
- Checklist of Security Protocols for Data Recovery Service Providers
Source: Ponemon Institute
The National Institute of Standards and Technology recommends that third party data recovery service providers be properly vetted before turning over data storage equipment to them for recovery. This vetting checklist was recommended by InfoSec professionals participating in the Ponemon Institute’s study on the “Security of Data Recovery Operations”. View Checklist
- Third Party Data Recovery: A sleeper risk in most information security programs.
Source: Paul Reymann, CEO of the ReymannGroup
Reymann, one of the nation’s foremost experts on regulatory compliance and information risk-management, comments on the growing market of data recovery service providers, and the risk of sending data storage devices out to such vendors before vetting their data security protocols. Read Article
- Is Your Data Recovery Solution A Data Security Problem?
Source: DriveSavers CISO, Michael Hall
Data breach must be a consideration anywhere critical data can be accessed. If your data recovery service provider’s network is hacked, and critical customer data is accessed, your company could be liable. This document outlines data security standards and protocols that should be adhered to by the data recovery provider. Download White Paper
DriveSavers Capabilities
- DriveSavers Capabilities Overview Discover what sets us apart. View Capabilities Overview
- DriveSavers Government Solutions Learn about our “Defense-in-Depth” data security architecture and certified encryption experts. View Government Solutions
- DriveSavers RAID Recovery Services Find out about our Enterprise Systems Group’s RAID and encrypted data recovery experts. View RAID Recovery Services
- DriveSavers Digital Photography Data Recovery Lost precious photographs? Find out why Canon, Kodak, Nikon, Olympus and Sony camera manufacturers recommend DriveSavers to their customers. View Digital Photography Capabilities Sheet
Case Studies
- Mad Media Case Study 8TB of irreplaceable X Games footage was lost due to a series of power surges during the Southern California wildfires. Learn how DriveSavers turned a gut-wrenching loss into an extreme recovery. Read Case Study
- BLAST Research Project Case Study Six years of research was almost lost to Antarctica’s harsh tundra. Learn how DriveSavers saved the day, and the project. Read Case Study
- United States Air Force Case Study Crucial data from Shaw Air Force Base was lost when a RAID array crashed. Read Case Study
- Salvation Army Case Study Drives containing accounting files for 40 offices were submerged in chemical-laden waters. Read Case Study
