Fred Engel, Senior Vice President of Engineering and CTO, Iron Mountain Digital

Helping to produce growing numbers of boxes and bytes of information. Companies once only needed to worry about their data center, or a centralized location of their vital business records. Now, they must account for remote severs, desktop PCs, laptops and handheld computers, all of which might contain customer phone numbers, a transaction log, or even details about a new product.

Protecting this information is critical to a company's success and to defending it from unforeseen disaster. The key for any organization - regardless of its size or the industry in which it plays - is to implement a data protection program that mitigates business risks, reduces costs, increases compliance, and helps improve overall business service levels.

Implementing a secure data protection strategy requires planning and preparation. Getting started begins with developing the strategic policies concerning what data needs to be protected and then identifying that data and any copies of it within the enterprise storage environment.

The next step is selecting the most secure method for protecting the most critical data. This could mean electronic vaulting or data encryption. With any approach, the management process around secure data protection needs to be addressed. The standard operating procedures governing security of data at rest must contain a metrics base that tracks not only completion and compliance, but also the logistics management of both the physical data container and most importantly, the encryption key itself.