Entities are investing loads of money to keep their systems updated with their current business needs. This approach is highly recommended as it shows a sense of maturity by these entities not to allow systems to dictate how business practices are carried. Systems administrators involved in such process tend to ensure that data in such systems is protected. Simple mechanisms such as data back up on a frequent basis and user authentication with access policies are typically found in requirements lists when an entity is requesting a new system. Security measures like these must be operated by the entity, but in most cases of data theft, it has been found that such measures were operated properly but the culprit was difficult to identify.