The Datamax Thinking Blog

Educating, collaborating, and sparking ideas for maximizing the technology that matters.


GDPR Compliance: How Does Your Data Security Technology 'Stack' Up?

blog_gdpr_stack

Even if your organization is based in the U.S., it could have a significant impact on you and your business. Every organization that processes or controls any data pertaining to EU citizens must be in compliance with the new regulation.

We share private information online today, almost subconsciously.

Downloading Apps. Online transactions. Signing up for that “free whitepaper,” filing out a survey or even hitting the “like” button on Facebook.  Consumer data today is premium fuel for businesses all over the world.

For European Union citizens and their personal data, those fuel prices are being regulated. With the passing of the General Data Protection Regulation (GDPR) Legislation on May 25, specific measures are being taken to protect data privacy for EU citizens and, in that same breath, hold businesses and organizations accountable for the data they currently collect, store and secure.

So What is “Personal Data?”

GDPR defines it as any information related to a person such as a name, a photo, an email address, bank details, updates on social networking websites, location details, medical information, or a computer IP address.

So How Does it Affect Me?

Even if your organization is based in the U.S., it could have a significant impact on you and your business. Every organization that processes or controls any data pertaining to EU citizens must be in compliance with the new regulation…. Or face potentially steep penalties.

  • Does your organization have a web presence, and do you specifically market products over the web?
  • Are there financial transactions from your website involving entities within the member countries of the EU?
  • Do you collect personally identifiable information (PII), aka personal data, for marketing purposes from individuals within the EU?

If so, GDPR Compliancy must be security components must be addressed with your organization. Is your technology stack equipped to meet the requirements?

Four areas in which Datto can help support GDPR Compliance:

1. Data Integrity and Business Continuity

An important part of GDPR compliance is the ability to ensure ongoing confidentiality, integrity and availability of processing systems and services. It is also critical to be able to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.

Datto Continuity and SaaS Protection 2.0 deliver these services by giving you the ability to restore data quickly, in the way you need, for the length of time that you need to do it.

2. Data Retention

Under the GDPR, it is important to determine how long you would like to retain your data. Datto provides a number of options to tailor local and cloud data retention schedules. These options are set by default in certain plans and manually in others.

With Datto’s proprietary Inverse Chain Technology, you also have the ability to delete any snapshot both locally and in the cloud. Deleting any snapshot or group of snapshots will not affect your other backups and thus gives you the ability to keep an efficient set of backup data.

3. Data Storage

Under the GDPR, it is important to know where data is stored. Datto Continuity is a hybrid cloud solution designed to store backups of protected machines; one backup copy is stored where you have your servers and another backup copy is stored in Datto Cloud.

Datto SaaS Protection 2.0 is a cloud to cloud solution, designed to store a copy of SaaS application data in the Datto Cloud.

Datto Continuity and Datto SaaS Protection 2.0 offer cloud storage in different geographic locations, including in Europe. A conversation with your MSP prior to implementation about  geographic data storage location may be appropriate. This location can be changed later based on your needs.

You can also check where your cloud data is stored or request to move your cloud data with both Datto Continuity and Datto SaaS Protection 2.0. 

4. Data Encryption

Under the GDPR, keeping your data secure is essential. Datto Siris offers local data encryption as an option for added security on top of what Datto already securely transmits and stores in cloud data centers.

With Datto SaaS Protection 2.0 data is transmitted from cloud locations like Office 365 and G Suite in an encrypted form to the Datto Cloud and is stored on secure servers.

Are you confident with how well your company is protecting the confidential client information you store? Are your systems securely protecting vital, business critical data? Not sure? Let’s talk!

Learn Why A Technology Assessment Should Be On Your List ›

Source: Datto (www.datto.com)

Topics: Technology Security Privacy Network Management Technology Support Business Continuity