Regulations have proliferated beyond a concentration in a single industry (such as the financial community) or geographical region (such as Europe). Companies do business globally, and the importance of data is causing new regulations like the California Consumer Privacy Act (CCPA) to emerge. At the same time, consumers have become much more informed and skeptical when it comes to how their information is being stored and used. Data privacy goes beyond strictly an issue of complying with regulations and becomes a competitive differentiator for the business. There are a few major problems for storage professionals to solve, however, to meet data privacy requirements.
The first problem is that enterprises don’t have a complete picture of what data is being stored, where it is being stored, and who has access to and is responsible for their data. The vast majority is unclassified, and many organizations do not have defined roles and responsibilities, such as a Chief Data Officer, to instill responsibility over data governance.
The first problem really becomes a headache when we consider that data is siloed, being created and stored across a wide range of devices, platforms and infrastructure resources. Data has also become mobile. It is no longer confined to the walls of the enterprise data center. For example, employees are accessing data on their smartphones, and data may be shared with a business partner – and all without the knowledge of IT.
Another part of the problem is that many enterprises are using backup technologies such as snapshots for long-term retention, as opposed to the quick recovery of timely and critical data that they were designed to facilitate. Far and away, most recoveries come from the most recent data copy – rather than from weeks, months or years prior. This becomes a problem when data must be located and/or deleted to adhere to a data privacy regulation or request (such as GDPR’s “Right to be Forgotten”). Backup jobs were not designed such that a single file can be removed from the middle of a backup job without disrupting the integrity of the backup job.
What IT professionals really need to meet modern data privacy requirements is an intelligent and value-based approach to end-to-end lifecycle data management and governance that leverages a scalable and searchable archive storage tier. To learn more, watch Storage Switzerland’s on demand webinar with Hitachi Vantara, “Designing Storage Architectures for Data Privacy, Compliance and Governance”.