Support for GDPR - An Actionable Approach
The EU General Data Protection Regulation (GDPR) fundamentally changes how organizations manage personal data. Giving citizens the right to access, rectify, erase, restrict, and migrate their personal content existing in any data center that does business in the European Union.
Index Engines' technology delivers extensive search and management solutions that empower you to find all personal data under management with considerable precision and meet or exceed the requirements of the regulation through implementation of powerful indexing technology. Index Engines supports all classes of data from primary storage to legacy backup data.
Index Engines has architected the following workflow allowing you to make easy work of compliance with the GDPR
Step 1: Classify Data
Attempting to find and manage personal content among massive data environments that can reach the petabyte scale is challenging for any enterprise. Index Engines powerful and efficient metadata level indexing technology can make easy work of this task. Indexing at unprecedented speeds, metadata is captured and data can be classified and more manageable collections.
With data organized, future requests for personal data can be focused on the 'In Scope' data set, making the task of finding and managing the content more targeted and achievable.
Step 2: Search and Find Personal Data
The definition of personal data in accordance with the GDPR is vast and vague. This is another reason that people believe that makes finding and managing what the regulatory body defines as personal data is a complex and daunting challenge. Powerful and comprehensive search technology is at the core of the Index Engines platform. Search options include keyword, pattern/regular expression (RegEx) (learn more here), and conceptual search, which can all be combined with Boolean operators.
No other solution can provide a combination of extensive search options that will allow you to find all personal data under management with considerable precision.
Step 3: Manage and Secure Personal Data
Built into the Index Engines platform are integrated disposition options to easily migrate, secure, archive, and defensibly delete content based on data policies. Based on the classification and queries implemented in the steps above some intelligent disposition options could include:
- ROT Clean Up: Migrate data with no value to the cloud to reduce costs, or purge it if possible to save resources.
- Out of Scope Data: Monitor for any changes that could impact support of the regulation.
- In Scope Data: Manage in support of the regulation, and secure sensitive content in the integrated archive.
To ensure that data is continually managed and protected, Index Engines has implemented a range of automation features that will monitor data and automatically mange the disposition. Features such as stored policy queries with email notifications, automated reporting and archiving, defensible activity logs and audit trails streamline the management of data on an on-going basis to ensure compliance.
ROI from GDPR Compliance
The effort to implement technology in support of the GDPR can in fact pay for itself. Many organizations have implemented a ROT clean up effort that has reduced the costs in the data center. Organizations can reduce their data capacity as much as 40% by migrating aged, redundant and trivial content from the data center, either to the cloud or deleting it. Not only does this free up data center resources, but reduces data protection requirements, and controls long term risk and liability.
Index Engines is the only solution that delivers:
- Petabyte class indexing technology
- Support for all classes of data, including legacy data on backup tapes
- Comprehensive search and reporting
- Integrated management and disposition capabilities
- Secure archiving to support secure preservation and access
Managing sensitive data, ensuring it does not get in the wrong hands is a key aspect of the GDPR. Index Engines delivers a number of key features that support the protection of personal data, monitoring it to ensure its safe from bad actors.
- Find and secure personal content
- Report on file activity logs to determine who has accessed sensitive content
- Report on Access Control Lists (ACLs) to determine who has read/write/browse permission for specific content
- Ability to proactively clean up sensitive data so it does not breach the fire wall
Support for the Data Protection Officer (DPO)
The role of the Data Protection Officer (DPO) is to educate, monitor, audit and assess policies enacted in support of the regulation. They must answer to the regulatory body when inquiries are initiated. Index Engines delivers a number of key capabilities aimed at supporting the DPO:
- A defensible and auditable process that will stand up to scrutiny
- Reports and analysis to proactively stop bad actors
- Easy access and management of personal data
No other technology can meet the demands of the EU GDPR and also deliver cost control and ROI.
Contact us to learn more about how Index Engines' technology gets organizations ready for the GDPR.