As many of you will know, today is Data Protection Day, or Data Privacy Day, as it is known in the US. This is the anniversary of the Council of Europe’s Convention number 108 being signed.

 

This convention aims to regulate the flow of personal data across borders, as well as the processing of sensitive personal data, and with it, individuals also have the right to know where their personal data is stored, and to have this corrected when necessary.

 

As individuals’ personal data has become increasingly accessible and difficult to remove, there’s been a need to re-assess how we process and safeguard our data footprint.   There is currently a lot of discussion around data protection laws in the EU and the US, much of which is driven by last year’s European Court of Justice ruling stating that Safe Harbor can no longer be used as a way to transfer/share data between the US and the EU. In light of this, there is a need for organisations globally to re-consider how they approach data protection and data privacy.

 

While we await decisions on data protection rulings, one thing is certain: organisations should take the time to evaluate the way that they handle and protect data that they are responsible for. For those unprepared for legislative changes, there is a hefty fine of 4% revenue to pay for non-compliance. Having control over where data is stored and ensuring that it’s correctly protected has never been more critical.

 

To remain compliant, an effective data management infrastructure is essential. Whether data is stored on-premises or with an external public cloud provider, organisations should ensure that data is collected, processed, accessed, shared, stored, transferred and secured in lawful ways. Ideally, there should be flexibility for data to be integrated, managed and replicated across different storage systems and cloud vendors, so that it can be controlled, moved and also deleted if necessary.

 

Our NetApp clustered Data ONTAP storage operating environment helps with this. It can be used across cloud and on-premises infrastructures to create a Data Fabric that acts as a single system, meaning that data is more easily managed, controlled and can be bi-directionally moved between different clouds or on-premises data centres. This helps with the issue of compliance for both organisations and cloud service providers.

 

NPS.jpg

 

Another increasingly popular option is to use NetApp Private Storage for Cloud, where data is essentially stored ‘next to the cloud’ by securely locating the data storage in a colocation data centre connected by a low-latency link to a public cloud provider such as; AWS, Azure, or SoftLayer for the compute element. This approach is very well illustrated in this blog from my colleague Herbert Bild, in which he outlines what our customer DARZ is doing in Germany.

 

Almost like a “New Year, New You” fitness regime, this year’s Data Protection Day is a useful time for organisations to take stock of their data management systems to ensure data is correctly protected to meet future compliance regulations.

mm

Martin Warren

Martin Warren is EMEA Cloud Solutions Manager at NetApp. Based in the UK, Martin has many years of experience working in data protection, data storage, virtualization, cloud, big data and networks. In his current role, Martin is responsible for NetApp’s EMEA cloud strategy and solutions with a focus on driving business growth and aligning NetApp’s cloud offering with customer and partner demand.

Martin is a specialist in private, public and hybrid cloud solutions, including the aspects of data storage and data management. He provides advice to businesses on the advantages and impact of different cloud and data storage solutions, helping them to meet their goals. In addition, Martin is a subject matter expert on the EU’s General Data Protection Regulation (GDPR).

Prior to joining NetApp, Martin held positions at Symantec, Sun and StorageTek. He also worked at IT service delivery and consultancy companies Misys and 4Front Services, advising businesses on adopting IT services specifically from a blended approach.