DataVault Newsletter

Many businesses backup their critical data only to find it useless in that crucial moment when they need to restore it.

Contact Info

Condor IT Solutions Inc.
p:604-692-2181 f: 604-689-9206
Third Floor, 1128 Hornby Street
Vancouver, British Columbia V6Z 2L4

July 2008 - Issue No. 15

Should you trust your employees with your data?

You can have the best backup and recovery system in place, but you can still experience loss of data especially by a disgruntled former employee. Formulating policies to manage company data can be complex, but besides keeping your employees happy be sure that they understand their role and the ramifications of deleting or keeping each piece of data they handle.

The best way to prevent rogue data deletion or rule-breaking data transfers is to convey your company's data management policy to all employees and the consequences for breaking that policy. That will eliminate 99% of potential problems. But what about the other 1%? Unfortunately, there will always be opportunity for misuse. For example, witness the following case.

On June 12, 2008 a San Diego network engineer, Jon Paul Oson, was sentenced to more than five years in prison for intentionally damaging computers at his former workplace. After a negative review he quit his job to later on access the Council of Community Health Clinics’ (CCC) network which provides services to 17 regional health clinics in San Diego and Imperial Counties in California.

Oson subsequently accessed the CCC network, disabled the automatic backup process, and later deleted data and software on CCC servers, including patient data belonging to North County Health Services Clinic (NCHS), one of CCC's member clinics. He used a server accessible through the Internet using the "Remote Desktop" application that's part of Windows Terminal Services, with a CCC password.

The computers seized from Oson's residence all had their operating systems re-installed after December 29, 2005, the date of the last unauthorized access, effectively erasing potential evidence on them. However, other evidence gathered from CCC's logs and witness testimony proved sufficiently compelling for the jury to convict Oson.

The trial brief says that the deletion of CCC's data hit the organization hard. "Patients who visited the clinic in the weeks following the network disruption were kept waiting hours and sometimes futilely while their charts were located and delivered to the appropriate clinic and doctor," the court documents explain. "With the shutdown of its Practice Management system, NCHS had to shift to a paper-based system. It took dedicated NCHS staff months to collect the paper records, input them into Practice Manager and initiate billing for those visits. The unavailability of charts and the associated computerized records impacted patient care."

Oson was ordered pay restitution of $144,358.83 to CCC and $264,979.00 to NCHS.

Have you ever thought about what would happen if one of your employees wipes out all your information? Ask yourself what you can do to absolutely protect those irreplaceable files.

DataVault is a practical solution. With DataVault your files are backed up to a remote backup location of your preference so they are safe from any natural and human disaster. With most systems the I.T. Manager or some other employee is able to password protect the backup device himself, leaving the company vulnerable to possible data loss. With DataVault, the owner of the company can set up his own password through our office, so that none of his employees has access to the remote backup. This process is a fool-proof measure that minimizes the possibility of accidental or deliberate loss of data.

Always look for a solution where you don't need to remember or verify your backups. DataVault is one of those solutions. We invite you to contact us if you require more information.