News/Trends

Data loss sets murder suspect free; 8 best practices that could’ve prevented it

In March 2021 at the Dallas Police Department, an IT technician accidentally deleted around 21 terabytes of data. This data included evidence that was to be used against a murder suspect whose trial was imminent. 

Both the police and prosecutors were unsure if there was a backup copy of the evidence gathered for the case. Unfortunately, this meant that just before the trial was to begin, prosecutors did not have enough evidence to proceed, and the suspect was released on a personal recognizance bond.  

How was the data deleted?

The IT employee was migrating data that had not been accessed in the previous 6-18 months from a cloud-based archive to an on-premises server in the city of Dallas’ data center. A statement by the Dallas police department said, “…the employee failed to follow proper, established procedures, resulting in the deletion of the data files.” 

An attorney hired to review the data-loss incident said in a report that the IT employee did not have any malicious intent behind the deletion. However, the report also mentioned that the IT backup technician’s understanding and training on the data backup platform were inadequate. 

To think that an IT professional could accidentally, yet permanently delete around 21 TB of data during a simple data archiving process is quite alarming, especially considering the organization’s IT budget of $100 million. Let that sink in for a bit. 

8 key cyber resilience best practices for any organization

This incident is an important wake-up call for all organizations. According to a recent IBM Cyber Security Intelligence Index Report, human error is a major contributing cause in 95% of all cyber security breaches. 

There’s a certain degree of human error in every organization, even with adequate training and protocols in place. Therefore, it’s important for all organizations to implement the following eight cyber resilience best practices to keep data safe and secure.

  1. Use the 3-2-1 data backup rule
  2. Automate data retention processes such as long-term data archival
  3. Choose data backup software that helps you automate tasks and provides several safety features built-in by default 
  4. Create an effective access control system that ensures only the required personnel have rights to critical tasks such as data deletion
  5. Invest in user-friendly software that doesn’t require training and is easy to manage and maintain 
  6. Go with cloud-native solutions that are flexible and scalable across multiple clouds and data centers to eliminate data transfer from on-premises to cloud and vice versa
  7. Invest in training the organization on the basics of cybersecurity and your specific protocols
  8. Be mindful of malware, ransomware, and other malicious tactics from cyber attackers

Next steps

Druva is committed to helping organizations across all industries detect, protect, and recover faster from human error, cyber attacks, or natural disasters. The Druva Data Resiliency Cloud not only provides truly immutable backups with infinite scale, it also saves organizations up to 50% or more over their previous data protection solutions.

Learn more by reading the new Forrester TEI study and discover how enterprises receive over 250% ROI and gain much greater ease of use with The Druva Data Resiliency Cloud.