How to Prepare Your Organisation for GDPR Compliance

The EU’s General Data Protection Regulation (GDPR) was approved last year, and the enforcement date of May 25, 2018 is fast approaching. After that, organisations found to be in non-compliance will face heavy fines. With only nine months until the enforcement date, it’s important to understand the potential problem areas in your data storage architecture and how you can improve it in time to be GDPR-compliant.

 

What is the GDPR?

The GDPR was designed to harmonize data privacy laws across Europe, bolstering privacy protection for EU citizens and empowering them to better control how their data is used. The regulation introduces the ‘Rights of the Data Subjects’, which essentially states that data belongs to the individual, not the organisation. For individuals, this means that they can access their personal data that’s being stored, and can request changes or even removal. They also have the right to compensation if their rights are violated. For organisations, information must be held only as long as it’s required, and in many cases they’ll need to appoint a Data Protection Officer to ensure that personal data is not compromised.

Organisations are now facing challenges interpreting what the new regulations mean to them and understanding what they need to do to ensure compliancy. Just deploying technology is not a good answer here, as organisations need to understand the data they are storing to ensure they have a legitimate reason for holding this data. It’s important to keep in mind six core principles when storing personal data. Data must be:

  • Processed lawfully, fairly, and transparently
  • Collected for specified, explicit, and legitimate purposes
  • Relevant and limited to what is necessary
  • Accurate and up to date
  • Retained for only as long as necessary
  • Processed in an appropriate manner to maintain security

The Path to GDPR Compliance

Because of the greater control individuals have over their personal data, it is the organisation’s duty to ensure that nothing happens to that data. There are two big questions you should ask yourself when assessing how compliant your organisation is with the GDPR:

1. Is the data protected?

If the personal data your organisation stores ends up compromised, the organisation will be held accountable. You must make sure your data is protected from:

  • Device failures – This includes any physical storage component, such as disk drives, storage controllers, and data centres.
  • Logical/soft failures – This refers to human errors such as accidental deletion/overwrite, as well as viruses and file data corruption. This currently accounts for up to 80% of data losses.
  • Security breaches – Data must be secure from forceful entry/hacks.

Data availability must be guaranteed not only for the security and privacy of personal data, but also in the event that individuals want to make changes to their data.

2. Can I find the data?

The second question you should ask is around data location awareness. If someone requests their personal data, would you be able to quickly locate and procure it? Not only does the data you’re storing need to be housed in GDPR-compliant systems and data centres, but the data itself needs to be searchable and well-organised. If you are not able to produce the requested data in a timely fashion, you may face fines under the new regulations.

 

Turning to Object Storage

One way you can start moving your organisation towards GDPR compliance is by looking to object storage. The inherent capabilities of object storage give you some real advantages in achieving compliance:

Customizable metadata tags: To ensure compliance, you must be able to find information. Traditional file systems only allow you to view limited metadata information on a file, such as the owner and the date created. With object storage metadata, you have no limit on how you tag your data, making it easily searchable for data requests.

Scalability: When data is consolidated, it’s much more easily searched and checked for duplicate records. The limitless capacity of object storage makes it feasible to consolidate data to a single, searchable pool.

Data protection features: Data must be available at all times. With data protection features such as erasure coding, replication, and multi-tenancy (to segregate users), you can ensure that data can still be retrieved no matter what situations arise.

Full GDPR compliance will not be an easy task, but you can start prepping your organisation for the enforcement date by making sure your data is protected, available, and searchable.

 

 

 

Data Management Partners Unite to Provide Comprehensive Object Storage

We just announced our Data Management Partners program to help our customers solve more capacity management problems in less time. The program combines technology, testing, and support to make it easy to put object storage to work. Inaugural members of this program are Rubrik, Komprise, Evolphin, and CTERA Networks.

Here’s why this program is exciting: object storage has the potential to solve many capacity management problems in the data center. It’s 2/3 less costly and infinitely scalable. In a recent survey, Gartner found that capacity management was the #1 concern of Infrastructure and Operations managers, so these are important benefits.

The question is how to get started with object storage? You can piece together solutions on your own, but that can be risky. We’ve done the homework for you and proved out these solutions.

The Solution for Unstructured Data Consolidation

These solutions solve capacity-intensive challenges where Cloudian’s scalability and cost benefits deliver huge savings. Cloudian consolidates data into one big storage pool, so you can add as many nodes as you want. With one set of users, groups, permissions, file structures, etc, storage managers see still only see one thing to manage. This cuts management workloads by 90% and makes it possible to grow with less headache and cost.

Solution areas in this program include:

  • Data protection: Rubrik and Cloudian together unify and automate backup, instant recovery, replication, global indexed search, archival, compliance, and copy data management into a single scale-out fabric across the data center and public cloud.
  • Data lifecycle management: Komprise and Cloudian tackle one of the biggest challenges in the data center industry, unstructured data lifecycle management, with solutions that offload non-critical data that is typically 70%+ of the footprint from costly Tier-1 NAS to a limitless scalable storage pool.
  • Media active archiving: Evolphin and Cloudian help media professionals address capacity-intensive formats (e.g., 4k, 8k, VR/360) with the performance to handle time-pressed workflows.
  • File sync and share: CTERA Networks and Cloudian provide enterprises with tools for collaboration in capacity-rich environments.

Reducing Risk with Proven Partners

This program is 100% proven solutions. All are deployed, with customers, in live production data centers, right now. They solve real capacity management problems and do not create new problems along the way.

Object storage is seeing rapid adoption. It costs significantly less than traditional storage and fixes the capacity problem with infinite scalability. If you’re looking into object storage, make sure you’re getting a complete solution, though. Learn more about our Data Management Partners today.

 

Cloudian Moves Private Cloud Beyond Backup

In a data protection application, Cloudian acts as a backup target. To excel in this role, the system of course needs to be scalable, fast, and cost effective. But most importantly, it must ensure that data is never, ever corrupted or lost. Fortunately, data durability was the #1 design goal of Cloudian HyperStore.

Storage Switzerland recently wrote a product analysis of our HyperStore solution, and the verdict is very positive. Read on to understand why Cloudian is “an ideal storage target for backups and archives” and “a system that organizations should seriously consider for all their storage needs.”

Effective Backup and Archive

In a data protection application, Cloudian acts as a backup target. To excel in this role, the system of course needs to be scalable, fast, and cost-effective. But most importantly, it must ensure that data is never, ever corrupted or lost. Fortunately, data durability was the #1 design goal of Cloudian HyperStore. Our HyperStore object storage solution offers robust data protection features that can protect your data from incidents of all kinds, including drive failure, node failure, even the failure of an entire data center, if that’s the level you require.

Features that support our 14-nines data durability include:

  • Erasure coding
  • Data replication across nodes or across sites
  • Hybrid cloud integration, that enables replication to the public cloud
  • Proactive repair
  • Data GPS, which helps you locate objects
  • Repair-on-Read, which automatically checks replicas for missing or out-of-date copies and then replaces or updates them
  • Smart Redirect, which creates a local cache replication as well as an Amazon S3 copy

Beyond backup applications, Cloudian HyperStore can play multiple other roles within your data center.

 

Multiple Applications, One Storage Pool

Other Cloudian use cases include:

  • NAS file server offload
  • Media archive management
  • File sync and share storage

Because Cloudian is a scale-out cluster, all of these can co-exist in a single, limitlessly scalable namespace.

We offer both a software solution and multiple hardware appliances which let you start with a small deployment (a few dozen TBs) and then scale up to multiple PBs and beyond.

 

AI and Machine Learning: The Future of Object Storage

Soon you will be seeing object storage widely used in the next big storage driver: data pools that support AI and Machine Learning. Object is ideal for this due to its scalability and integrated metadata support.

Check out the Storage Switzerland piece to learn more. You can read the full piece here or check out our solutions.

 

5 Reasons to Adopt Hybrid Cloud Storage for your Data Center

Are you weighing the benefits of cloud storage versus on-premises storage? If so, the right answer might be to use both–and not just in parallel, but in an integrated way. Hybrid cloud is a storage environment that uses a mix of on-premises and public cloud services with data mobility between the two platforms.

IT professionals are now seeing the benefit of hybrid solutions. According to a recent survey of 400 organizations in the U.S. and UK conducted by Actual Tech, 28 percent of firms have already deployed hybrid cloud storage, with a further 40 percent planning to implement within the next year. The analyst firm IDC agrees: In its 2016 Futurescape research report, the company predicted that by 2018, 85 percent of enterprises will operate in a multi-cloud environment.

Hybrid has piqued interest as more organizations look to the public cloud to augment their on-premises data management. There are many drivers for this, but here are five:

  1. We now have a widely-accepted standard interface.

The emergence of a common interface for on-prem and cloud storage changes everything. The world of storage revolves around interface standards. They are the glue that drives down cost and ensures interoperability. For hybrid storage, the defacto standard is the Amazon S3 API, an interface that began in cloud storage and is now available for on-premises object storage as well. This standardization is significant because it gives storage managers new flexibility to deploy common tools and applications on-prem and in the cloud, and easily move data between the two environments to optimize cost, performance, and data durability.

  1. Unprecendented hybrid scalability delivers operational efficiency.

Managing one large, scalable pool of storage is far more efficient than managing two smaller ones. And hybrid storage is hands-down the most scalable storage model ever devised. It combines on-prem object storage – which is itself scalable to hundreds of PBs – with cloud storage that is limitlessly scalable, for all practical purposes. This single-pool storage model reduces data silos, and simplifies management with a single namespace and a single view — no matter where the data originated or where it resides. Further, hybrid allows you to keep a copy of all metadata on-premises, ensuring rapid search across both cloud and on-premise data.

  1. Best-of-breed data protection is now available to everyone.

Data protection is fundamental to storage. A hybrid storage model offers businesses of all sizes incredible data protection options, delivering data durability that previously would have been affordable to only the most well-heeled storage users. In a hybrid configuration, you can backup data to object storage on premises, then automatically tier data to the cloud for long-term archive (Amazon Glacier, Google Coldline, Azure Blob). This gives you two optimal results: You have a copy of data on-site for rapid recovery when needed, and a low-cost, long-term archive offsite copy for disaster recovery. Many popular backup solutions including Veritas, Commvault and Rubrik provide Amazon S3 connectors that enable this solution as a simple drop-in.

  1. Hybrid offers more deployment options to match your business needs.

Your storage needs have their own nuances, and you need the operational flexibility to address them. Hybrid can help with more deployment options than other storage models. For the on-premise component, you can select from options that range from zero-up-front cost software running on the servers you already own, to multi-petabyte turnkey systems. For the cloud component, a range of offerings meet both long-term and short-term storage needs. Across both worlds, a common object storage interface lets you mix-and-match the optimal solution. Whether the objective is rapid data access on-premises or long-term archival storage, these needs can be met with a common set of storage tools and techniques.

  1. Hybrid helps meet data governance rules.

External and internal data governance rules play a big part in data storage planning.  In a recent survey, 59% of respondents reported the need to maintain some of their data on premises. On average, that group stated that only about half of their data can go to the cloud. Financial data and customer records in particular are often subject to security, governance and compliance rules, driven by both internal policy and external regulation. With a hybrid cloud model, you can more easily accommodate the changing needs. With hybrid, you can set policies to ensure compliance, tailoring migration and data protection rules to specific data types.

While many are seeing the natural advantages of hybrid, some are still unsure. What other factors play in that I haven’t mentioned? With more and more being digitized and retained into perpetuity, what opportunities is your organization exploring to deal with the data deluge?

Shifting Technology Habits and the Growth of Object Storage

Technology is, for many of us, a vital and inextricable part of our lives. We rely on technology to look up information, keep in touch with friends and family, monitor our health, entertain ourselves, and much more.

space

However, technology wasn’t always so ubiquitous – it wasn’t too long ago that our wireless phones had limited features and even fewer users actually using these features. Here’s the breakdown from 2004, according to a study from the Yankee Group:

This means that just over 10 years ago, less than 50% of cell phones had internet access and less than 10% had cameras. Even with 50% of phones having internet access, only 15% of users took advantage of this feature.

pew research center

By contrast, look at this survey conducted by Pew Research in 2014:

Among the 18-29 age group, text messaging and internet are more frequently used features than phone calls, which is indicative of the tremendous shift in technology use over the past few years. This study doesn’t even cover a major feature that many users use their phones for: pictures. As younger users turn almost exclusively to smartphone cameras for their photos (and, of course, #selfies), they turn to photo-sharing sites to host and display their images.

Photos are just one type of the ever-growing deluge of unstructured data, though. For enterprises, unstructured data also includes emails, documents, videos, audio files, and more. In order for companies to cost-effectively store this data (while keeping it protected and backed up for end-users), many of them are starting to turn to object storage over traditional network-attached storage (NAS).

Some of the benefits of object storage include a lower total cost of ownership (TCO) and the ability to easily scale up as data needs grow. That by itself is not enough, though. With a solution like our very own HyperStore, in addition to the affordable price (as low as 1c per GB per month) and infinite scalability (from tens of terabytes to hundreds of petabytes), we offer easy management and access control, plus strong data protection with both erasure coding and replication settings. You can read about all of HyperStore’s features and benefits here.

Unstructured data use is only going to continue to grow. Smartphones and other data-intensive technologies will only become more prevalent, and you’ll want to be prepared to meet that growth. Learn more about Cloudian’s hardware and software solutions today.