Data privacy is a universal concern for enterprises, and not only because of the rise of regulations such as the European Union’s General Data Protection Regulation (GDPR). By and large, consumers have higher expectations in terms of how businesses are using their data. As a result, enterprises are pressured to:
- Obtain greater transparency into what data they are storing and how they are storing it.
- Better ascertain the value of the data they are storing, to the business and to users.
- More quickly identify and remediate breaches.
- Better integrate the processes of backing up, recovering and removing copy data.
To adhere to the stricter data privacy paradigm, storage managers should consider investing in more intelligent data management and governance tools as well as practices that utilize object storage as a centralized and searchable data repository.
Embrace Active Archive; Limit Backup Usage
As Storage Switzerland frequently advises, backup storage technologies should be used to recover the most recent copy of production data, and not to archive data for long-term retention (as is commonly done by enterprises today). The vast majority (on average, 90% or more) of recoveries come from the most recent copy, creating the opportunity to migrate a large majority of copy data to object storage, which uses a flat address space and extensive metadata tagging to offer greater scalability and more extensive data searching and analysis than file and block alternatives.
Shift to Intelligent, Value-Based Data Governance
With a centralized and more searchable storage infrastructure in place, the next step in adapting to modern data privacy requirements for enterprises is to adopt data governance policies that can factor in not only where a file is located from a compliance and risk mitigation perspective, but also what the file contains, to better understand the data’s impact on the business. For example, a value-based data governance solution might be able to track and identify granular file patterns, as well as if the file contains sensitive personally identifiable information (PII). Based on this intelligence, policies can be created to determine how long a file should be retained, as well as if and when the file should be normalized by removing sensitive PII. When combined with object storage, this also bodes for powerful centralized indexing and searching.