Data loss is the intentional or unintentional destruction of information, caused by people and or processes from within or outside of an organization. Data loss is similar to a data breach, in that data is compromised. However, in a data breach, data is usually unharmed but in the wrong hands. Data loss can occur in a data breach, but the data itself is destroyed.
There are many causes of data loss, and those can differ by industry. Some organizations may be more concerned about outside attacks, while others are primarily worried about vulnerability to internal human error. Data loss can occur during standard IT procedures such as migration, or through malicious attacks via ransomware or other malware.
The impact of data loss may also differ based on who the data belongs to. Along with affecting an organization's internal data, the loss of an outside party's confidential data can jeopardize a business' legal standing with compliance laws.
Regardless of how or why data loss occurs, it is crucial for all organizations to have prevention and recovery plans in place, and to understand the effects and consequences of data loss.
How it occurs
Common unintentional causes of data loss include hardware malfunction, software corruption, human error and natural disasters. Data can also be lost during migrations and in power outages or improper shutdowns of systems.
Hardware malfunction is the most common cause of lost data. A hard drive can crash due to mishandling, overheating, mechanical issues or simply the passage of time. Proper hard drive maintenance can help prevent data loss, and being mindful of a drive's lifespan enables users to prepare for the drive's replacement.
Software corruption is another common cause of data loss, and can take place when systems are improperly shut down. These shutdowns can usually be attributed to power outages or human error, so it falls on the organization to prepare for these incidents and ensure the proper shutting down of systems. Natural disasters can cause data loss through all of the above, be it damage to hardware or causing systems to fail without data being backed up. Having a disaster recovery (DR) plan and frequent backups are the best strategies for preventing this type of data loss.
Computer viruses -- such as malware designed to steal and delete data -- can cause intentional data loss. To help prevent this, organizations should keep antivirus software up to date and ensure that employees are aware of potential malware threats.
Hackers can also cause intentional data loss. These incidents require different protection methods, particularly with regards to access. To prevent intentional data destruction from recent or current employees, a company should limit access to confidential or sensitive data to necessary personnel only. Controlling or restricting access can also aid in preventing loss via hackers or even human error, where an employee may unintentionally erase data without knowing the severity of the action.
Preventing data loss can be an expensive process, requiring the purchase of software or other backup and data protection products or services. While the costs of these services may be high, thorough protection against data loss is usually worth it in the long run, especially when pitted against potential costs down the line.
In the case of major data loss, business continuity and day-to-day functions can be severely affected, tacking on additional costs. Company time and resources will often need to be diverted to address data loss and recover the most recent copy of lost data, so other business functions may be affected.
An organization's reputation can also suffer following a data loss. Customers need to be informed of the loss, and those customers may take their business elsewhere. Entrusting personal, sensitive data to another company takes trust, and the loss of data can make an organization look unreliable. Rebuilding these relationships will take significant time and company resources.
Data loss prevention (DLP) can take the form of a strategy or a product that aims to mitigate or prevent data loss in case of an incident. DLP strategies tend to target the sharing of sensitive data outside of the corporate network, while software products control this aspect through limiting what users can transfer or share.
The end goal of DLP is to protect confidential and sensitive data from unauthorized users who could mishandle or maliciously share it. Whether in response to insider threats or the need to conform to outside data protection regulations, having a data loss prevention plan is becoming an important part of a modern backup and data protection strategy.
A sampling of DLP products and services include Microsoft Office 365 Data Loss Prevention, Symantec Data Loss Prevention and McAfee Total Protection for Data Loss Prevention.
When an organization is responsible for protecting someone else's data, it also takes on the responsibility to keep those people or organizations informed of the status of their data. In the United States, each state has enacted legislation requiring both private and government organizations to inform relevant parties of a breach or loss of their data.
Enacted in May 2018, the European Union's General Data Protection Regulation addresses notifying affected parties of data breach or loss. In Article 33 of the GDPR, there is a mandatory 72-hour countdown for organizations to gather information and report on data breaches to the regulator, as well as the impacted individuals involved in the breach. Along with notification, the organization must draft a plan to recover the data within those 72 hours.
While the GDPR is an EU regulation, it applies to any organization that has the data of EU citizens. Because of this, any organization globally that collects this type of data is liable for data loss that occurs, and subject to the GDPR rules.
Backup is the first step to recovering from data loss, ensuring that an organization has at least one additional, recent copy of vital data. To ensure that backups are safe, off-site backups are recommended to protect them from threats that take place in or around the data center. Copies kept out of reach may be more difficult to access later on, but provide an extra layer of protection.
Cloud backups can be accessed with relative ease following data loss, but organizations should vet a cloud provider to ensure that data will be protected and retrievable. Performing frequent backup and recovery tests can help to make sure that data is properly backed up and formatted, and can be accessed as quickly as necessary.
Having antivirus software in place is the best protection against malicious attackers, so it should be updated frequently. For the more physical threats, computers and hard drives should be kept in a clean, dry and secure location. Organizations should also monitor employee access to files and equipment. Proper training regarding confidentiality and the sharing of data can help prevent loss by human error.