The first year of activity after GDPR (General Regulation on Data Protection) enforcement shows that over 5,000 complaints and reclamations have been officially registered in Romania. Even though the authorities’ measures were rather corrective, the figures force companies to reassess their way of ensuring not only data security but also the level of availability and control over them. But what is the link between back-up and GDPR and how can Datanet Systems help?
When it comes to the challenges GPDR has generated, the first thought in everybody’s mind goes to security breaches. And rightly, given that in the first year of GDPR enforcement around 90,000 notices on data breach have been gathered at the European level. (391 of them came from Romania, according to the balance sheet presented by ANSPDCP available HERE)
A second issue – seemingly insignificant, but high on top of complaints – is respecting the customers’ “right to be forgotten” by organizations. Deleting information about a client becomes complicated when companies use incremental backup solutions and snapshots and especially if the data is “scattered” through relational databases and spreadsheets.
A third challenge is that provided for in Article 32 of the Regulation, which clearly states the obligation for organizations to demonstrate: “the ability to restore the availability of personal data and access to it in a timely manner if there is a physical or technical incident”.
Where problems in meeting GDPR requirements arise
However, statistics show that many companies have a lot to improve regarding data backup and restoration processes. For example, a study conducted two years ago shows that 35% of companies did not use any backup solution, and a quarter of those who had implemented backup solutions did not manage to make them work properly. The reasons these situations occur are numerous.
On the one hand, data volumes in each organization are constantly increasing, growth estimated at 50-60% annually (according to Forrester Research). For an inexperienced company that is also lacking the necessary competences, it is difficult to estimate how much storage space it needs in the future, especially as more and more categories of data have to be kept for a long time, although their access frequency is low.
On the other hand, a large number of companies that decide to adopt a backup solution do not take into account the “related” infrastructure requirements. For example, if the SAN you are using is old and slow and does not deliver IOPS (Input/output operations per second) at the required level, regardless the novelty of the backup solution implemented, you will not be able to restore the data in the desired amount of time.
The third reason derives from the first two – the costs. The financial effort to implement and maintain a viable backup system is consistent. And that’s because you need software solutions, servers, storage products appropriate to the processes and types of data your company operates (from SSDs and HDDs to clusters or cloud services), infrastructure upgrades, etc. Choosing and combining all of these components should be done in accordance with the availability requirements that must be met by all organizations, but also with the specific needs of your company.
Choosing the right partner guarantees your success
The problem is that not many companies have the expertise to overcome these challenges. The situation is complicated by the fact that, for the “beginners” in this field, the vast majority of backup solutions seem to have similar functionalities. But implementation differs. Therefore, in such cases, calling on a partner with experience in the field, such as Datanet Systems, is an absolutely necessary condition.
Datanet specialists can help you choose and deploy the appropriate backup solution to your company’s needs and budget, in an architecture that will allow both the capitalization of existing hardware resources and also the gradual expansion of the infrastructure according to the evolution of needs.
Datanet Systems has an extensive portfolio of backup solutions appropriate to the GDPR context
Additionally, Datanet Systems has an extensive portfolio of backup solutions that includes high-performance products from market leaders in this area: Dell EMC and VEEAM.
For example, Avamar is a complete Dell EMC solution that integrates both software and hardware components and facilitates running backup processes across the entire infrastructure ranging from virtual machines and NAS servers to laptops and enterprise applications. The solution integrates proprietary deduplication technology (Variable-Length Deduplication), which decreases backup and restoration time for data and also decreases the volume of stored data.
Data Domain is another backup, archiving, and Disaster Recovery market leader solution. Available on-premises and virtual, the Dell EMC product reduces the amount of storage space required (with a ratio of up to 55:13), is remarkable for scalability (up to 150 PB managed with one device), and can achieve transfer speeds of up to 68 TB / hour.
In turn, VEEAM solutions offer high-performance levels. For example, Veeam Backup & Replication is a “two-in-one” (data backup and replication) solution that can be used in Hybrid Disaster Recovery architectures by integrating on-premises infrastructure and Cloud public services. The solution can be easily integrated with both Cloud (AWS and Azure) environments, as well as critical business applications (including SAP HANA and Oracle RMAN).
How you can meet the full range of GDPR requirements
Datanet Systems can help you meet the full range of GDPR requirements, not just in the data availability area, but also in terms of protecting them. Our company has experience and competence in the field of critical infrastructure deployment and development, as well as multi-disciplinary teams that can develop and implement coherent security systems and provide full support and maintenance services. If you want to find out how you can achieve the desired GDPR compliance level, swiftly and with minimal effort from your company, contact us at firstname.lastname@example.org.