CDSA

M&E Journal: Physically Distancing Your Data

When pandemics strike and people are physically isolated, data must still be monitored and protected even if physical workplaces are closed down.

Storing files in the cloud can make it easier to monitor and work with the files remotely, but this type of online storage also makes data more vulnerable to cyberattacks. The data security risk is compounded by companies requiring staff to work from home (WFH), often on the staff person’s personal computer, without proper security controls. In this environment, data preservation and asset security could become weakened.

The novel coronavirus pandemic has pushed to the fore how workflows can be adjusted to be performed remotely as much as possible, but there is a correlated risk to data security.

There is a need for:
–Secure, remote access to data from home environments
–Automated digital asset management
–Offline storage as baseline protection against cyberattacks such as ransomware

Other articles in this special issue will likely discuss cybersecurity and work-from-home environments in more detail. This article focuses on secure storage and auto-mated asset management.

Automated asset management

When health emergencies such as COVID-19 strike, automated asset management should be implemented where possible to limit staff interactions with the network, whether the interactions are performed remotely (which can endanger the assets) or on-site (en-dangering the staff person’s health). Many organizations already have remotely accessible digital asset management systems (DAMs) secured behind firewalls and accessed through VPNs with multi-factor authentication.

This scenario implies that the assets are likely stored on spinning disk, whether in the cloud or on-premise.

Any data stored on spinning disk connected to the internet is at some level of risk. Even connecting to the DAMs through a VPN can be compromised if the employee’s home network already has malware lurking in it. The malware could travel through the VPN connection to the terminus. DAMs should be customized, or alternatively, tools should be written to automate functions, including basic functions such as ingest, metadata extraction, hierarchical storage management and fixity checks.

Where staff need to enter metadata in a system, the system should be cordoned off from the actual assets, so that the assets themselves cannot be touched.Digital Bedrock is a digital preservation service provider. We preserve and protect our clients’ digital content as a kind of data insurance policy.

Our system and workflow are an example of pairing complex automated processes with physical barriers to accessing data. Automated digital preservation actions have already been built into our software, so clients’ data is preserved with minimal human interaction. This is good digital preservation practice; humans are more likely to introduce data errors than machines

Secure storage

As part of our workflow, metadata is extracted from ingested files and becomes indexed and searchable. Clients can search this metadata in their own portal without touching the actual assets.

While metadata is searchable online, files are stored offline in secure, locked, and geographically separated locations so clients’ files cannot be touched. However, files can be delivered for preservation to us electronically through a file accelerator, or through a direct connection to the client’s cloud storage provider.

This enables clients to send us data electronically without the need to go to their company’s workspace. Since our digital preservation processing is automated, we can manage and preserve our clients’ digital content securely without risking our staff’s health as well. Data management automation combined with physical barriers to data access is a secure methodology to protect both digital con-tent and staff during this pandemic — and beyond, as it is also a model for future workflows.

* By Linda Tadic, CEO, Digital Bedrock

——————————————————

Click here to translate this article
Click here to download the complete .PDF version of this article
Click here to download the entire Spring/Summer 2020 M&E Journal