SANTA MONICA, Calif. – May 2, 2018 – May 25th marks the beginning of the enforcement period for the European Union’s General Data Protection Regulation, (GDPR) with heavy fines levied against companies that fail to adequately protect data. GDPR requires organizations to maintain the privacy of any EU citizens’ personal data, and all companies, regardless of location, are obligated to comply.
GDPR covers any information that can directly or indirectly identify an individual such as a name, address, email address, photo, bank or credit card details, medical data, and an IP address. Even small to midsized businesses that have EU citizens on an opt-in mail list, or have sold a product to an EU citizen, are subject to regulations including protection against loss, unauthorized access, modification, and disclosure.
In order to ensure compliance with this and other government- and industry-imposed regulations, organizations need to deploy a comprehensive policy-driven data protection strategy, say experts at Aparavi, a developer of SaaS platforms for active archive. Below are five tips companies should implement to ensure compliance with GDPR.
Strategically manage and place data in the right location for the business need. This could include one cloud for older data that is not retrieved as often, one cloud with the appropriate performance for quick retrieval, and a local copy. With strategic policies, you have the flexibility to move or migrate between different clouds. As data ages and data access slows down, the data seamlessly moves to different clouds or tiers for long term retention and better pricing.
New retention and protection policies can often be painful, and can result in capacity growth, which also adds up to growing costs. While policy-based management can move data to the most effective storage, pruning and destroying files at the moment they are no longer needed not only ensures compliance, it conserves capacity costs.
Traditional data protection usually captures data and files that have recently changed, and sends a copy to secondary storage. It is effective for general-purpose needs, but data retention regulations such as the GDPR can have very precise, granular requirements. In addition to setting specific protection policies, organizations need to be able to verify their practices, so that they can quickly produce data upon request of auditors or litigators.
Long-term retention means exactly that, and data must be secure yet accessible. Retaining files in an open data format ensures it will be readable in the future, even when storage technology and media platforms change, and even if a vendor is no longer in business.
For more information aboug GDPR visit https://www.eugdpr.org. For more information about how Aparavi’s data retention policies help ensure compliance of government regulations by enabling organizations to master out-of-control unstructured data growth for greater efficiency, better management and lower costs, interested parties can visit https://www.aparavi.com/.
Aparavi Active Archive helps organizations master out of control unstructured data growth with protection, retention, and archive. Delivering both on-premises and multi-cloud mobility, Aparavi delivers true storage independence, and together with an open-data format removes vendor lock-in forever. Aparavi slows secondary storage growth by 75% with guaranteed availability regardless of how long data is retained, and pays for itself in reducing sedondary storage spend. A pay-as-you-go model based on usage eliminates up-front expenditures for a better return-on-investment.