The perfect guide to data loss protection

5 keys to build a better data loss protection strategy for imperfect humans

The biggest data loss risk is right in front of you

Read today’s headlines, and you’re likely to find yet another well-known business victimized by cyber attack. It’s not just the big-name brands anymore, either. Two in three data security incidents hit smaller businesses last year, and that number keeps increasing.1

The upshot of the constant cyber attack headlines is that small and medium-sized businesses increasingly know they need to protect their files and data. But here’s something you won’t see in the headlines: The shadowy hackers moving through the “dark web” aren’t your biggest data security risks. The biggest risks are employees—and studies show that executives and high-ranking staff are often the biggest liabilities. Humans make mistakes, we forget, we get impatient—and these flaws lead to 1 in 3 data loss incidents in the business world.2

CrashPlan for Small Business is offering this simple guide to help you navigate the often-murky waters of business data loss protection. We’ve tapped small business leaders and IT pros to uncover the features and functionalities that protect against the often- overlooked flaws of your employees, so you can build a data loss protection strategy that perfectly fits the imperfections of the humans that drive your business.

1) Have a backup

The common mistake: Most companies think they have their files and data protected, but a recent study found that 58 percent of small businesses were not prepared for a data loss incident.3 Moreover, more than half of all backups (60%) ultimately fail to effectively restore the lost files, leaving the business starting from scratch. That’s why you need more than just backup. You need automatic data loss protection

Data protection best practice: It’s worth saying out loud: Any protection is better than no protection. And make sure you’re following the basic “3-2-1” protocol:


2) Make it automatic: not human-dependent

The common mistake: Most companies think a lot about the backup itself: where it’s located, how it’s protected, etc. But what about how files and data get protected? Ironically, the traditional approach is to rely on employees to manually save important files to a server, a network drive or other designated location. But if the biggest reason for protecting your files is to protect against human mistakes, you can’t have a policy that depends on those same mistake-prone humans. And think about this: Best practice is to protect all files every 15 minutes. If your employees really did this, stopping to manually save files 32 times a day, you’d see a major drop in productivity.

Data loss protection best practice: All leading business data loss protection solutions now automatically and silently back up files continuously. You’re not vulnerable to employees forgetting to back up—and you aren’t burdening your employees with the constant, productivity- draining task of manually saving files.

3) Protect your files at the source: direct from the laptop or desktop

The common mistake: Research suggests 60 percent of your business’ files and data live exclusively on your employees’ desktops and laptops.4 If you’re only backing up a central destination like a network drive, all these work-in-progress files—all this productivity and value—are sitting on your employees’ laptops and desktops, not protected.. That’s because employees typically only move files to the central destination when they’re finished—or at least in a “ready to share” state.

Data loss protection best practice: Since the majority of your business’ files and data now live on your employees’ desktops and laptops (where they do most of their work), leading data loss protection solutions protect files and data directly from these endpoint devices. This approach ensures business continuity, capturing and protecting all your employees’ productivity and value.

4) Get the automatic data loss protection advantage: unlimited, more secure & most cost-effective

The common mistake: Another irony of traditional backup: Many companies still rely on hardware-based backup. Hardware has two big flaws: it fails, and it’s vulnerable to physical damage. Moreover, conventional, on-premises backup has all the shortcomings of conventional IT: A big capital investment up front; a lengthy implementation period; and someone to manage and maintain its finite space.

Data loss protection best practice: By 2020, 4 in 5 small businesses will use automated data loss protection.3 The cloud’s multiple redundancies mean you’re never vulnerable to disaster or technology failure. Automatic data loss protection is simple—instantly up and running, with nothing to manage or maintain. Data security experts agree the cloud offers the most advanced security tools, thanks to real-time updates that include the latest security patches and new security features.

Finally, cloud storage provides a cost- effective option protect all your files, so you don’t have to choose which files to protect. This means you can follow another data loss protection best practice: protect every version of every file, so you can instantly go back to the moment before an incident, restoring a “clean” version and minimizing lost productivity.

5) Cloud sharing apps are NOT the same as automatic data loss protection

The common mistake: All cloud storage apps are not created equal. Cloud sharing apps like Dropbox, Google Drive and Microsoft OneDrive are helping businesses of all sizes work in smart new ways. But, the same features that make cloud sharing apps great for sharing and collaboration make them a dangerous liability when used in place of real automatic cloud backup services:

  • Depends on manual actions: Employees actively select files to add.
  • Not all files are protected: Employees only share files in the later stages of completion. All the work that went into a “shareable” draft is vulnerable to total loss.
  • One person’s mistakes become everyone’s: If one employee makes a mistake or deletes a file—and doesn’t catch it immediately—that mistake becomes everyone’s problem.
  • Can spread malware and ransomware: If one employee shares an infected file, it can quickly spread to everyone.
  • Not designed for easy, fast file restores: If several files—or an entire laptop—are lost, the disaster recovery process typically requires a time- consuming restore.

Data loss protection best practice:

With 37% of SMBs losing data in the cloud, it’s no surprise data security experts and analysts agree: data loss protection is a critical complement to cloud-sharing apps. Dedicated data loss protection solutions plug the gaps left by cloud sharing apps, ensuring continuous data protection of all files. Data loss protection solutions are also purpose-built for the fastest disaster recovery, organizing files for quick restores and offering point-in-time restore. The bottom line: Cloud- sharing apps are designed to push work forward; data loss protection is purpose-built to allow you to bounce back.

Keep your business moving forward

All the big-name data breaches and scary cybersecurity issues in the headlines have jump started the data protection conversation in many organizations. But as you craft a better strategy for data loss protection, remember this: It’s still your people that play the biggest role in moving your business forward—or holding it back. Rather than building a backup strategy solely focused on hackers and cyberthreats, best practice is to take a holistic and honest approach that accounts for your employees’ natural (and human) tendencies. Seek out tools that empower them—not burden them. Build a data loss protection strategy that’s silent, automatic, constant and comprehensive— and keep your people (and your business) moving forward.

1 Verizon 2017 Data Breach Investigations Report
2 Egress Software Technologies 2016

Signup for our monthly newsletter to learn more about Data Loss Protection

By completing and submitting this form, you confirm that you agree to the storing and processing of your personal data by Code42 as described in our Privacy Statement.