Between data analytic requirements and consolidation initiatives, there is a rapid increase in the use of structured data storage, and the amount of data stored in this way. The information stored in enterprise databases is increasingly sensitive and subject to legal, regulatory and other compliance requirements. In addition, many enterprises continue to rely on inadequate network and application-layer controls, and perform only minimal monitoring on database storage infrastructure.
Steps that CIO must take
- Evaluate your enterprise's current database controls to identify gaps and compensatory or mitigating controls for those gaps.
- Conduct a database risk assessment, applying a balanced approach to risk management and mitigation based on risk, criticality, and regulatory and other compliance requirements.
- Identify the monitoring use cases that apply to their enterprise's database infrastructure, and deploy tools to support those use cases effectively and efficiently.
- Develop and communicate a clear policy specifying what database-related behaviors should be audited and why.
Cloud Computing Key to Disaster Recovery Planning
Tuned, pretested DR support capabilities and services are now helping midsize company managers reduce the risks of an extended business outage due to disaster, and at more reasonable costs than ever before. Today, it is possible to put in place disaster recovery technology and practices that may cost less per user supported than older technology that did not support DR.
Cloud computing is one possible answer to the need for such flexibility,providing a highly automated,dynamic alternative for the acquisition and delivery of IT services. Today users are tapping into public and private clouds for computing resources and services without having to address the underlying technology. Companies are leveraging the massive scalability and collaboration capabilities of cloud computing to solve problems in ways that just were not possible before.
They are deploying new services with greater speed and without additional capital investment. As IT budgets continue to be stretched,cloud computing is enabling CIOs to do more with less. Virtualization,standardization and other fundamental features of cloud are lowering the cost of IT,simplifying IT service management and accelerating service delivery.
Such operational efficiency is helping companies capitalize on the globally net-worked world. It is enabling CIOs to leverage the infrastructure more effectively to support the business goals of their company. By lessening the drag on data center resources,cloud computing is enabling IT to hone in on real value creation,namely innovation. Rapid,technology-enabled innovation is vital to staying afloat in a highly volatile and uncertain economy. Cloud computing provides the platform for optimizing operations while creating and delivering the kind of innovative services that differentiate and propel the business forward.
These new DR implementations have provided some midsize companies with the means to avoid shutdowns when and if their IT centers go offline - reducing expected disaster-induced outage hours (downtime) per year. Importantly, research shows these implementations can reduce costs by more than 35% compared with unprepared centers using older technology.
Advanced processes and technologies can ease the backup process, introduce more automation into the data replication process, and enable IT staff to protect more applications with restart and recovery capabilities. Executives of midsize businesses may wonder how to prepare for the possibility that a calamity could wipe out their IT operations. The words "disaster recovery" (DR) evoke images of the earthquake in Japan, or flooding in Chicago and Japan - events that took businesses of all sizes offline.
However, it's important to know that many business-disrupting outages result from causes far less dramatic than natural disasters. Everyday events - such as construction crews cutting through a power line, an air conditioning failure, a network provider interruption, or a security issue - can take systems offline. These interruptions happen more than most midsize business managers expect and with increasingly critical impact, as customers become more accustomed to accessing online information and placing orders online.
Security Policy and ProcedureTemplate
Data Security and Protection are a priority and this template is a must have tool that every CIO and IT department must have. Over 3,000 enterprise worldwide have acquired this tool and it is viewed by many as the Industry Standard for Security Management and Compliance.