In today’s digital economy, with its increasing vulnerabilities and regulations around data, how your business information is stored, accessed and protected — both now and in the future — must be an essential piece of your business strategy.
In the U.S., two well-known legislative acts from the late 1990s, the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA), created immediate and ongoing complexities around data privacy. As of May 25, 2018, the European Union is enforcing the General Data Protection Regulation (GDPR). This new legislation is designed to give EU consumers control over their personal data, how it is stored, who has access to it and its integrity throughout its life cycle. Any EU-based or multinational corporation needs to comply or face penalties. But did you know that any company doing a digital business transaction with a customer physically located in the EU must also comply? This is just the tip of the data protection iceberg.
This mandate, and others like it that are certain to come, make simplifying the protection and management of stored data an imperative. The best defense? Creating a modern, proactive strategy to protect stored organizational data when doing system backups.
Recovery is the other piece of the data protection equation and a big challenge for CIOs, who face increasingly longer recovery timeframes and more pressure from users for zero downtime. On top of that, when you look at the cost of downtime, the numbers can be staggering. [Full disclosure: My company offers data recovery services.] Here’s why it’s time to prioritize data protection, as well as what you should look for in a robust data protection strategy.
Why Modern Data Protection Is A Must
Traditional data storage systems retain and back up large data sets, all at one time. This old-school approach involves storing business data on disk drives and hardware and is simply not designed to deliver on compliance challenges in this new age of policy-driven user rights and regulations. It changes the data protection game because you cannot legally retain data for a longer time than specified. In addition, traditional backup is not reliable, putting your data at even more risk.
The fast pace of today’s complex enterprise environment combined with increasing compliance requirements threaten to make traditional storage even more complicated — with inflexibility, slow performance, failure rates and storage silos becoming a business liability.
Five Essential Data Protection Strategies
An optimal modern data protection strategy needs record retention policies for easier data management, e-discovery, governance and proof of compliance. Here are five tips to create a simplified and robust data protection strategy:
1. Identify all data created and owned by your business, wherever it resides.
2. Classify user-identifiable data, including user-generated data (from website or mobile app interactions) and data generated on behalf of the user (by third parties).
3. Simplify your data center and distributed business environment with fast, easy access to stored data.
4. Give your IT infrastructure the capability to provision and reallocate resources as needed in a dynamic, software-defined storage environment.
5. Ensure replication occurs at a separate disaster recovery location so that you have access to a complete second copy of your data if the primary copy fails. You can replicate at the storage-array level, the appliance level or the host-server level.
Regulatory challenges amplify the value that modern data protection strategies can bring to the table. Years of knowledge in traditional backup and recovery have provided a solid foundation for managing data. However, in an era where budgets are flat or declining, the ability to protect data without introducing added complexity and cost, all while staying compliant, is imperative.
Focusing on a robust data protection strategy that delivers the performance that today’s businesses demand while providing the ability to set flexible policies that govern data access and delivery is a recipe for success, both right now as GDPR looms large and for future regulatory decrees. Be ready for whatever compliance challenges confront your business with an optimized environment that simplifies storage management and ensures data integrity -- with no decrease in performance. This will strongly position your business as compliance ready.
