51 Useful Data Protection Resources

by Nate Lord on Wednesday April 17, 2024

51 of our Favorite Data Protection Resources

Businesses and organizations are creating and using data at unprecedented rates. With this boom in big data comes challenges and problems in information and data protection. Previously, enterprises emphasized perimeter security over things like endpoint protection, data-centric security and data loss prevention. Now, the rise of mobility and ever-expanding security perimeters make it necessary for companies to find data protection solutions that secure data from both internal and external threats, placing the focus on sensitive data as it travels within and outside of enterprise networks.

The ever-changing landscape of data protection has resulted in a tremendous amount of knowledge sharing and thought leadership from technology experts, industry analysts, consulting firms, privacy lawyers, and others with a vested interest in data security and protection. These experts share their knowledge and advice in a wide range of formats, including blogs, white papers, videos, webinars, guides, and other online resources. With the sheer quantity of information and resources available online today, it can be difficult to sort through it all to find the most trusted and experienced sources that provide accurate insights and educated perspectives on relevant data protection challenges facing modern enterprises.

So, we've compiled a list of 51 useful data protection resources to help you secure your data and feel more at ease about your company's valuable information. Our list includes reports from leading industry analysts, surveys, data protection blogs, white papers, videos, and more. The following 51 resources aren't listed in any particular order, other than by category. This list is not intended to imply that the resources included here are the best or only resources on the topic; rather, these are 51 data protection resources we think are worth a look, from analyst reports worth reading (or re-reading) to resource portals worth adding to your bookmarks. If there's something great that's not on the list, let us know in the comments!

Table of Contents:

Blogs
White Papers, Studies, and Reports
Slide Shows and Videos
Infographics
Handbooks, Tutorials, Guides, and Publications

Blogs

1. ICO Blog
@ICOnews

The Information Commissioner's Office (ICO) upholds information rights that are in the public interest and promotes openness by public bodies but strives for individuals" data privacy. The ICO Blog focuses on those information rights issues, and especially data protection.

Three posts we like from ICO Blog:

2. Chronicle of Data Protection
@HLPrivacy

The blog of Hogan Lovells, privacy attorneys and data security lawyers, Chronicle of Data Protection includes posts about consumer and financial privacy, cybersecurity and data breaches, and other topics of relevance to data protection. With the latest information on security news and trends, Chronicle of Data Protection is a useful read for those who need the most up-to-date data protection regulations and news.

Three posts we like from Chronicle of Data Protection:

3. datonomy, the data protection blog
@Datonomy

datonomy boasts a team of home, international, and guest bloggers to make it a well-researched data protection blog. Posts typically discuss data protection law and practice, as well as the problems and challenges associated with data protection.

Three posts we like from datonomy:

4. Data Protection Technology Blog
@guardiantech

The Data Protection Technology Blog is provided by the Guardian, which covers American and international news for its global online audience. Data Protection Technology Blog is frequently updated with the latest news and information about worldwide data protection issues and is a trustworthy resource.

Three posts we like from Data Protection Technology Blog:

5. Privacy Matters
@DLA_Piper

Privacy Matters is written and maintained by DLA Piper's Data Protection and Privacy practice. Posts update readers about legal matters and regulations regarding data protection, plus include analysis of data protection happenings around the world.

6 . IT Security Expert Blog
@SecurityExpert

The expert behind the IT Security Expert Blog is Dave Whitelegg, a UK-based information security expert. Whitelegg makes his blog accessible to people at all levels of technology knowledge and provides his views on IT security, privacy, and data protection.

Three posts we like from IT Security Expert Blog:

7. The Privacy Surgeon

As the Privacy Surgeon, Simon Davies provides "forensic insights from the world's most experienced privacy advocate." Davies analyzes issues of privacy, information security, and data protection in his informative, sometimes satirical posts.

8. Data Protector
@DataProtector

Martin Hoskins is the Data Protector, and he uses his blog "to offer an irreverent approach to data protection issues." Hoskins' preference for transparency, fairness, practicality, and risk-assessment over technical principles are clear in his data protection posts.

Three posts we like from Data Protector:

9. Data Privacy Monitor
@BakerPrivacy

BakerHostetler is "one of the nation"s largest and most comprehensive practices in the area of data privacy and information security." Data Privacy Monitor, their blog, offers information on data privacy and information security and is a very helpful resource to organizations that handle data protection.

Three posts we like from Data Privacy Monitor:

10. Data Protection Insights
@Computerworld

Data Protection Insights, a blog provided by Computerworld, shares the advice and insights from Peter Eicher"s more than 15 years of experience in the computer software industry. The posts cover data protection-related topics such as data backup and recovery and storage, among others.

Three posts we like from Data Protection Insights:

11. Privacy and Data Security Law
@Dentons

Produced by Dentons" Global Privacy and Security group, Privacy and Data Security Law provides information on creating, collecting, using, destructing, and securing data for compliance, to minimize litigation risk, and to maintain usability. The blog posts provide very detailed information and advice for data protection and other related topics.

Three posts we like from Privacy and Data Security Law:

12. Innovation Insights
@WiredInsights

Innovation Insights, a community blog and forum, is "dedicated to new thinking for a new era in technology." Community members post their thoughts, ideas, insights, and tips on everything from big data to supercomputers on the blog, but there is a rich discussion centered on data protection that is definitely worth a read.

13. Data Protection
@CSOonline

Data Protection from CSO provides readers with the latest news, analysis, opinion, and more regarding data protection. With research and how-to guides, Data Protection is a robust blog that serves everyone who is tasked with data protection.

Three posts we like from Data Protection:

14. Infosecurity Magazine Data Protection
@InfosecurityMag

Infosecurity Magazine"s Data Protection category includes information on best practices for managing data breaches, information risk management, and tools and procedures for effective data loss prevention. Information is presented in a variety of formats, including white papers, webinars, and articles.

Three resources we like from Infosecurity Magazine Data Protection:

15. TechTarget Enterprise Data Security and Privacy
@searchCIO

TechTarget"s Enterprise Data Security and Privacy section is a robust collection of perspectives, news, and insights on data protection. You"ll find news stories and vendor resources, product reviews, Q&A resources, and more.

Three posts we like from TechTarget Enterprise Data Security and Privacy:

16. System Center: Data Protection Manager
@MS_SystemCenter

The System Center: Data Protection Manager blog at TechNet covers all things related to Microsoft System Center products, in addition to general news and industry insights on data protection, security, and mobility.

Three posts we like from System Center: Data Protection Manager:

White Papers, Studies, and Reports

17. ESG Global Data Protection Resources (now part of TechTarget)
@esg_global

ESG Global offers a robust collection of resources, analyst reports, surveys, and other insights related to data protection. Blogs, videos, and lab reports offer insights on the latest research in the field of data protection, as well as varied perspectives from industry analysts and thought leaders.

18. Brocade
@BRCDcomm

The Brocade white paper "Data Protection: Understanding the Benefits of Various Data Backup and Recovery Techniques" features content about how organizations should define their recovery objectives. The paper also discusses how organizations should align their technology strategy and business requirements and is a valuable read for any company executive who makes decisions about data protection.

Three key topics we like from Brocade:

Data recovery objectives
Macro design decisions
Continuous data protection and file services data protection

19. eBook: 5 Practical Tips to Protect Manufacturing Trade Secrets
@DigitalGuardian

Digital Guardian's 5 Practical Tips to Protect Manufacturing Trade Secrets offers five key recommendations for evaluating your organization"s security program"s ability to protect your IP from cyber espionage attacks.

Three key topics from 5 Practical Tips to Protect Manufacturing Trade Secrets:

Former DuPont CISO Larry Brock on makes the case for investment in IP protection and establishing a holistic program
Approaches to calculating the true cost of IP theft
Protect your IP from insider and outsider threats

20. ISG
@ISG_News

Known for its technology insights, market intelligence, and advisory services, ISG is a leader in the field. ISG"s white paper, "Defining the Right Data Protection Strategy: The Nuances of Backup and Recovery Solutions," is an authoritative data protection resource from ISG"s Cindy LaChapelle, Principal Consultant.

Three key topics we like from ISG:

Data protection strategies for critical business data
Optimizing data protection
Appropriate data protection solutions

21. Whitepaper: Dan Geer on How to Mitigate the Risk of Insider Threats
@DigitalGuardian

Insider threats pose substantial risks to enterprise intellectual property. Dan Geer reveals strategies for mitigating the risk of insider threats in this white paper from Digital Guardian.

Three key topics from Dan Geer on How to Mitigate the Risk of Insider Threats:

Mitigating security risk from insider threats
The current state of insider risk and how to assess insider risk
Most cost-effective approach for mitigating insider risk

22. The Business Case for Data Protection: What Senior Executives Think about Data Protection
@PonemonPrivacy

This study, conducted by the Ponemon Institute, uncovers what executives consider to be the most important considerations in the safeguarding of sensitive information and the compliance with increasing regulatory requirements. This is the second such study focused on the awareness of CEOs and other executives about their companies" data protection efforts and the value in data protection initiatives, both in terms of economic justification and in how well these efforts support broader organizational goals.

Three key topics we like from The Business Case for Data Protection:

The perceived value of data protection efforts
Executive awareness of corporate data protection efforts
Major risks to sensitive and confidential data in the cloud

23. 2014 State of Endpoint Risk
@PonemonPrivacy

Expanding mobility programs have created less-definable security perimeters for enterprises. That"s the focus of this analysis from the Ponemon Institute, which surveys 676 IT and IT security practitioners with knowledge of and/or involvement in endpoint security. The study finds that endpoint security is more difficult to manage than ever.

Three key topics we like from 2014 State of Endpoint Risk:

The biggest threats to endpoint security
IT security risks of greatest concern to organizations
The most frequent types of malware incidents

24. Verizon 2014 Data Breach Investigations Report
@VZEnterprise

This Executive Summary from the Verizon 2014 Data Breach Investigations Report reveals findings from an analysis of data from more than 50 organizations around the world and more than 63,000 security incidents. In total, 1,367 confirmed data breaches were studied, identifying nine key patterns that have contributed to more than 92 percent of data breaches within the past decade.

Three key points we like from Verizon 2014 Data Breach Investigations Report:

The key elements involved in a data breach
Nine incident classification patterns
Who can you trust?

25. Whitepaper: How to Protect Unstructured Sensitive Data
@DigitalGuardian

Unstructured data is one of the most substantial risks to enterprise security in the modern landscape. This white paper from Digital Guardian discusses how new approaches to security provide the most effective and proactive protection for unstructured data.

Three key topics from How to Protect Unstructured Sensitive Data:

How to protect unstructured data to bolster your competitive advantage
Learn where your unstructured data lives and how to provide continuous protection
How to implement a phased data program that respects existing business processes while iteratively decreasing risk to unstructured sensitive information

26. IDC Analyst Report: The Critical Need for Edge Data Protection
@InformationWeek

Most enterprises and SMBs are aware of the potential cost of unrecoverable data on lost or stolen laptops and mobile devices, even desktops. But while mobility continues to gain momentum, most firms fail to implement adequate security measures that sufficiently address the increased risk. This IDC analyst report, available from InformationWeek, discusses why adequate endpoint protection is more critical than ever.

Three key topics we like from The Critical Need for Edge Data Protection:

Mobility has led to complexities in data protection
Most firms lack adequate protection, recovery policies or tools for increasing data volume
The need to protect endpoint devices is more critical than ever

27. Data Events: the next step in security
@TITUS

Knowing what happens when data is used or combined in a particular way is the next step in security. That"s the focus of this analyst report, offered by TITUS, providing an understanding of the shifting security requirements for data as it changes state or location throughout an enterprise.

Three key topics we like from Data Events: the next step in security:

Business decisions can drive data events
Data security requirements change as data changes state or location
Proper recording and handling of data events

28. Analyst Report: Forrester Future of Data Security
@DigitalGuardian

In the modern security landscape, the perimeter approach is no longer sufficient given the constantly shifting security perimeters of most enterprises today. A data-centric approach to security ensures that security measures travel with your data throughout the enterprise network. This analyst report from Forrester, available through Digital Guardian, discusses the advantages of the data-centric approach over more traditional perimeter-focused methodology.

Three key topics we like from Forrester Future of Data Security:

How to implement a data-centric approach and bolster your security posture
Learn about Forrester's Data Security and Control Framework
Necessary steps to maximizing on the potential of big data and digital business

29. Code 42 - How BYOD is Reshaping the Endpoint Data Protection Landscape
@code42

While endpoint protection has historically been an afterthought as mainstream backup and recovery vendors emphasize servers, endpoint data protection is now beginning to become more of a focal point for both IT security and backup/recovery services. This analyst report, available from Code42, discusses the driving forces behind this shift and the role of endpoint protection in modern security.

Three key topics we like from How BYOD is Reshaping the Endpoint Data Protection Landscape:

BYOD and the consumerization of IT
IT can no longer ignore sensitive data contained on mobile devices
Data loss, centralization of data, and management of mobile data

30. PCI DSS Compliance Survey Results
@Imperva

Consumers continue to be at risk of identity theft, despite the Payment Card Industry"s (PCI) Data Security Standard (DSS). The results of this PCI DSS Compliance Survey reveal the findings of a survey across more than 500 U.S. and multinational IT security practitioners, presented by Imperva and the Ponemon Institute.

Three key topics we like from PCI DSS Compliance Survey Results:

How to use PCI to bring about a broader, more effective security program
Get senior management more aware of and involved in IT security using PCI
Properly align your organization and select cost-effective strategies

31. Analyzing the Chemistry of Data
@TITUS

Security too often focuses on systems and devices, largely ignoring data. This analyst report from TITUS reveals why data should be the focus of security and how analyzing, identifying, and defining data are the keys to effective enterprise security.

Three key topics we like from Analyzing the Chemistry of Data:

Answering the question of what employees could do with data
Security is too often focused on systems and devices, rather than data
Analyzing, identifying & defining your data

32. ESG Research The Modernization of Data Protection
@esg_global

This Final Sponsor Report from ESG Research, offered via CIOSummits.com, covers the modernization of data protection based on an in-depth survey of 330 IT professionals responsible for data protection solutions encompassing hardware and/or software. Mid-market and enterprise-class organizations from both North America and Europe are represented in this survey.

Three key topics we like from The Modernization of Data Protection:

Size and Growth of Data Protection Environments
Data Protection Challenges and Areas of Investment
Adoption of Alternative Data Protection Technologies

Slide Shows & Videos

33. IT BusinessEdge
@ITBusinessEdge

IT BusinessEdge"s slide show, "Eight Steps to Enterprise Data Protection," explains eight steps for developing an enterprise data security plan. IT BusinessEdge reminds companies that they no longer can focus solely on perimeter security for their data protection, because more than 50 percent of security breaches are committed internally.

Three key topics we like from IT BusinessEdge:

The importance of data classification
Determine an acceptable threat level
Implement compliance measures

34. Security and Data Protection in a Google Data Center
@google

This video features a tour of a Google data center. The security and data protections that are in place at Google"s data centers are highlighted in the seven-minute video and serve as a model for other organizations looking for data protection solutions.

Three key topics we like from Security and Data Protection in a Google Data Center:

Physical security of the data
Protection of the data in the data center
Reliability of operations in the data center

35. Data Protection in the cloud are we fooling ourselves?
@Thalesesecurity

In this video from Thales e-Security, Richard Moulds, Vice President of Strategy, explores several questions surrounding data protection and the cloud. He details information from a study that shows how organizations should approach data protection in a cloud environment.

Three key topics we like from Data Protection in the cloud are we fooling ourselves?

Applying encryption to protect data in the cloud
Data protection responsibilities
Organizations" roles in protecting their own data in the cloud

36. Webinar Privacy and Data Protection in eDiscovery
@zylab

This nearly hour-long webinar includes presenters Ken Rashbaum, attorney and principal of Rashbaum Associates, LLC, and Dr. Johannes C. Scholtes, chairman and chief strategy officer of ZyLAB. Moderated by Mary Mack, enterprise strategy counsel for ZyLAB, the webinar explores the need for enterprises to find practical solutions for reducing the risk and cost associated with data protection challenges.

Three key points we like from Webinar Privacy and Data Protection in eDiscovery:

Enterprises may be subject to preserving, disclosing, or discovery obligations in relation to data
The risk and cost of global data privacy
Cross-border discovery challenges with data protection

37. How to Plan your Data Protection Spectrum
@esg_global

This video by Jason Buffington, whose specialty is data protection and Windows Server infrastructure, management, and virtualization, explores the idea that data protection is an umbrella term. The video explains how data protection actually is a broad range of IT behaviors, including archiving, backups, snapshots, replication, high availability, disaster recovery, and business continuity.

Three key points we like from How to Plan your Data Protection Spectrum:

Use feedback from business stakeholders to determine which color of the Data Protection Spectrum best meets business goals
Consider solutions that consolidate the management of them
Choose solutions that are most cost-effective

38. Data Protection Challenges of Virtualization and the Cloud
@esg_global
@ZertoCorp

This ESG Research Spotlight video, commissioned by Zerto, features ESG senior analyst Mark Bowker. In Data Protection Challenges of Virtualization and the Cloud, Bowker discusses the challenges IT organizations face as they virtualize their environment.

Three key points we like from Data Protection Challenges of Virtualization and the Cloud:

Organizations lag in their Tier-1 database, ERP, and CRM virtualization
The gap between traditional replication functions and the needs of the virtual world
Tier 1 database applications require much more protection than the other tiers

39. Privacy in the Age of Big Data Series
@WCSRtweet

Womble Carlyle attorney Ted Claypoole and former White House CIO Teresa Payton co-authored the book "Privacy in the Age of Big Data." This video series on YouTube is a collection of discussions between the authors about the data protection topics and issues they cover in their book.

Three videos we like from the Privacy in the Age of Big Data Series:

Infographics

40. The Need for Aggressive Data Protection
@NimbleStorage

The Nimble Storage company offers flash storage solutions. Their infographic analyzes survey results from 1,600 small, medium, and large businesses worldwide in regards to the need for aggressive data protection.

Three key points we like from The Need for Aggressive Data Protection:

70% of respondents say more than half of all data is business critical
69% of respondents rely on disk as the dominant media for data protection
43% of respondents report meeting recovery time objectives as a top data protection challenge

41. Rethinking Protection for the Modern Data Center
@HPAutonomy

A leader in software that processes unstructured data, HP Autonomy is known for its enterprise backup and recovery capabilities. The Rethinking Protection for the Modern Data Center infographic captures modern approaches to data protection.

Three key points we like from Rethinking Protection for the Modern Data Center:

90% of today"s data has been created in the past two years
Only 25% of servers were virtual in 2010; in 2014, 75% of servers were virtual
75% of organizations cite "security and data loss" as their primary concern

Handbooks, Tutorials, Guides, and Publications

42. Data Protection Laws of the World
@DLA_Piper

DLA Piper is a global law firm with more than 4,200 lawyers working to help companies with their legal needs. Their interactive handbook, Data Protection Laws of the World, is geared toward businesses and organizations looking for help in comparing data security and data protection legal matters around the world.

Three key features we like from Data Protection Laws of the World:

Compare the National Data Protection Authority of any two countries
Compare the Breach Notifications of any two countries
Compare the Data Security and Data Protection Laws of any two countries

43. Data Protection and Management Tutorials
@SNIA

SNIA works to advance IT technologies, standards, and education programs for IT professionals. Their Data Protection and Management Tutorials are available for download directly from their site, and visitors also may view abstracts prior to downloading so they can decide which tutorials are best suited to their data protection needs.

Three key topics we like from Data Protection and Management Tutorials:

Managing backup and recovery in today"s data centers
Advanced data reduction concepts
Trends in data protection and restoration technologies

44. Guide to data protection
@ICOnews

The Data Protection Act of 1998 includes a number of legal obligations for companies to follow in order to protect information. The Guide to data protection from ICO is intended for organizations that handle personal information about individuals and are concerned with complying in all areas of data protection.

Three key topics that we like from the Guide to data protection:

Key definitions of the Data Protection Act
Data protection principles
The conditions for processing

45. EU Data Protection Regulation
@TechTarget

The EU Data Protection Regulation guide from ComputerWeekly.com explains the new European Data Protection Regulation in full. This essential guide also helps businesses to determine whether they need to make any changes in their data protection solutions to meet those regulations.

Three resources we like from EU Data Protection Regulation:

46. Information Quality Journal
@iaidq

The International Association for Information and Data Quality (IAIDQ) is "a not-for-profit, vendor-neutral professional society of people who are interested in promoting and defining information and data quality." The Information Quality Journal is the association"s publication that shares insights for data professionals, including those pertaining to data protection. Some articles are free to read, while others are available only to members.

Three articles we like from Information Quality Journal:

47. InfoSec Institute
@InfosecEdu

InfoSec Institute provides high-quality information security training. Their articles and technical tutorials focus on data protection-related issues, including layered protection, data protection tools, sharing sensitive business data, and more.

Three articles we like from InfoSec Institute:

48. TH!NK PRIVACY
@ICOnews

The TH!NK PRIVACY toolkit, a set of training materials from ICO, was "created to aid the communication of the challenge faced by organisations of all sizes, to their employees reminding staff to "press the mental pause button" before taking action." With free downloadable posters, bin stickers, and postcards, TH!NK PRIVACY provides the materials helpful for reminding employees to think about data protection during all stages of their work.

Three resources we like from TH!NK PRIVACY:

TH!NK PRIVACY Toolkit Option 1 Printable "Responsibility" poster
TH!NK PRIVACY Toolkit Option 1 "In your hands" poster
TH!INK PRIVACY Toolkit Option 2 "Data sending" poster

49. International Association for Information and Data Quality Publications
@iaidq

The International Association for Information and Data Quality (IAIDQ) provides dozens of publications for both members and nonmembers. The publications cover a wide expanse of years and include webinars, journal articles, book reviews, industry reports, and other information sources on data protection.

Three resources we like from International Association for Information and Data Quality:

Information & Data Veracity (online newspaper)
The DNA of Data (webinar)
World-Class Meta Data Management (webinar)

50. Privacy and Information Security Law Blog Publications
@hunton_privacy

Hunton & Williams" privacy practice is a worldwide firm with experience and knowledge in information security and data protection. Their lengthy list of publications is a valuable resource for IT professionals and company executives who bear the responsibility of data protection.

Three resources we like from Privacy and Information Security Law Blog Publications:

51. 2014 Data Protection & Breach Readiness Guide
@otalliance

The Online Trust Alliance creates the 2014 Data Protection & Breach Readiness Guide to help organizations of all sizes understand the issues and solutions that can enhance data protection practices and develop readiness plans to enable rapid incident response.

Three key topics we like from 2014 Data Protection & Breach Readiness Guide: