Transcription
360 DATA MANAGEMENT FOR GDPRENTERPRISE-READY COMPLIANCESolution Brochure
‘‘You may delay,but time will not.’’– Benjamin Franklin‘‘ By the end of 2018, over 50% of companiesaffected by the GDPR will not be in fullcompliance with its requirements.’’
Mark your calendars. On May 25, 2018, the European Union will enact the most sweepingdata privacy regulation the world has ever seen—the General Data Protection Regulation.Data management will never be the same.Digital transformation initiatives are the top priority for CEOsand CIOs around the globe. Accelerating adoption of new ITservices and technologies is widely recognized as one of themost critical drivers for future success. But it’s not without risk.As speed and experimentation are favored over security andcompliance, data protection falls victim to relaxed oversight.54 percent of organizations havenot started preparing for GDPR.1In 2016, the number of data breaches jumped 40% year-overyear.2 Now more than ever, personal data is at risk of being lostor stolen. To counter this growing challenge, governments arestepping up and implementing robust regulations to ensure thatpersonal data is protected. Organizations are required to followstrict data management guidelines or be subject to substantialpenalties and fines.The General Data Protection Regulation (GDPR) is by far andaway the most comprehensive global data privacy regulationever developed. Organizations have two choices: Get GDPRready or face the tcenter.org/2016databreaches.html
KEY MANDATES DEFINED BY THE REGULATIONGDPR Requires Comprehensive Reform and Prompt ActionACCOUNTABILITY &GOVERNANCEMaintain relevant documentation on dataprocessing activities. Implement measuresthat demonstrate compliance.STORAGE LIMITATIONPersonal data may not be kept for longerthan is necessary for the purpose for whichit’s processed.BREACH NOTIFICATIONINDIVIDUALS’ RIGHTSA notifiable breach has to be reported to therelevant supervisory authority within 72 hoursof the organization becoming aware of it.An individual may request the deletion orremoval of personal data when there is nocompelling reason for its continued a-protection-reform/overview-of-the-gdpr/4
ARTICLE 83 HAS SHARP TEETHNon-Compliance can resultin fines up to 20millionor 4% of Annual Turnover,whichever is higher5
‘‘ IDC sees Veritas as one of the few companiesthat has shown real appetite in understandingthe potential impact of the GDPR, and itis using it as a foundation to design andintegrate solutions.’’Veritas Helps Organizations Become GDPR-Ready and Data-Drivenwith an Expanded Information Management PortfolioJanuary 20176
360 DATA MANAGEMENT FOR GDPREnterprise-Ready ComplianceAN INTELLIGENTAPPROACH TOGDPR COMPLIANCE1.2.3.Pinpoint GDPR MaturityMap & Classify AllUnstructured Personal DataProtect & Delete Dataas NecessaryORY OTECTMINIMIZE
LOCATE DATA FOR GDPR COMPLIANCEMONITORGlobal Data Visibility Produces Accurate Data MapsRELEVANT GDPR ARTICLE(S): 30VERITAS COMPONENTSInformation MapData InsightVERITAS UNIQUE APPROACH1.Find file type, ownership, age, andlocation in as little as 24 hours.2.See a real-time picture of yourenvironment with continuous monitoring.3.Initiate downstream data remediationthrough integrated actions he critical first step in complying with GDPR is gaininga holistic understanding of where all the personal dataheld by an organization is located.Building a data map of where this information isbeing stored, who has access to it, how long it isbeing retained, and where it is being moved is key tounderstanding how the business is processing andmanaging personal data.8
SEARCH DATA FOR GDPR re Indexing Powers Personal Data InvestigationsSEARCHPROTECTRELEVANT GDPR ARTICLE(S): 15, 16, 17, 18, 20MINIMIZEVERITAS COMPONENTSeDiscovery PlatformVERITAS UNIQUE APPROACH1.Powerful indexing engine uncovers explicitand implicit personal data attributes.2.Machine learning automatically identifiesrelevant items and surfaces similar itemsfor comprehensive review.3.9Integrated review workflow enablesquick turnaround with no need toperform additional NIMIZEResidents of the EU can now request visibility into all ofthe personal data held on them by submitting a SubjectAccess Request (SAR). They can also request that thedata be corrected (if factually incorrect), ported (to asuitable export format) or deleted.Ensuring that your organization can undertake andservice these requests in a timely manner is critical toavoiding GDPR penalties.PROT
MINIMIZE DATA FOR GDPR NITORPERSONALDATALOCATEPERSONALDATAPersonal Data Classification Fuels Purpose Limitation AutomationSEARCHPROTECTRELEVANT GDPR ARTICLE(S): 5, 17, 32MINIMIZEVERITAS COMPONENTSEnterprise VaultEnterprise Vault.cloudVERITAS UNIQUE APPROACH1.Full content and context classificationprovides the critical intelligence forexecuting GDPR-compliant policies.2.Flexible policies facilitate retentionand deletion based on multi-variableattributes to ensure purpose NIMIZEData minimization, one of the main tenets of GDPR,is designed to ensure that organizations reduce theoverall amount of stored personal data. This is done byonly keeping personal data for a period of time directlyrelated to the original intended purpose.The deployment and enforcement of retention policiesthat automatically expire data over time establishes thecornerstone of your GDPR strategy.Gated deletion workflow armsinvestigators and admins with authorityto take action and confidently push thedelete key.10
PROTECT DATA FOR GDPR RSONALDATAUnified Data Protection Delivers Comprehensive ECTRELEVANT GDPR ARTICLE(S): 5, 25, 32, 33, 34, 35MINIMIZEMINIMIZEVERITAS COMPONENTSNetBackupInfoScaleResiliency PlatformVERITAS UNIQUE APPROACH111.Unmatched scale enables theprotection of petabytes withoutdisrupting the business.2.Converged approach delivers automaticmonitoring, AutoSupport, and call homefeatures to improve transparency.3.Cloud service provider integrationensures broad protection coverage forhybrid OCATEPERSONALDATASEARCHPROTECTMINIMIZEUnder GDPR, organizations have a general obligationto implement technical and organizational measuresto show they have considered and integrated dataprotection into all data collection and processingactivities.Whether deploying staff training, performing internalaudits of processing activities or cataloging relevantdocumentation on processing activities, organizationsmust be fully prepared to demonstrate transparencywhen it comes to validating compliance.
MONITOR DATA FOR GDPR COMPLIANCEPredictive Threat Analytics Reveals Breach IntelligenceRELEVANT GDPR ARTICLE(S) 5, 15, 16, 17, 18, 20, 24, 35, 42, 44, 45VERITAS COMPONENTSData InsightEnterprise IMIZEGDPR introduces a duty on all organizations toreport certain types of data breaches to the relevantsupervisory authority, and in some cases to theindividuals affected.Organizations must evaluate their ability to monitorbreach activity and quickly trigger reporting proceduresto ensure compliance.VERITAS UNIQUE APPROACH1.Aggregated metadata analytics allowinvestigators to pinpoint risky files andtake action.2.User behavior visualizations identifyanomalous behavior and allow for singleclick remediation.3.Retention policies for at-risk filescan be activated immediately uponrisk triggers.12
ORY SERVICADVISPRESGDGDPR ADVISORY SERVICESExpert Guidance Holistic Remediation MIZEVERITAS COMPONENTS GDPR Workshop GDPR Readiness Assessment GDPR Classification Service GDPR Solution DeploymentVERITAS UNIQUE APPROACH1.Leverage visibility toolkit to identifyregions of concern.2.Tap into classification engine to highlightpotential personal data landmines.3.13Propose recommendations in concertwith GDPR maturity ranking to ensureoptimal investment.GDPR requires companies to gain increased visibilityand control over their existing data. That enhancedinsight promotes well-informed planning that helpsmitigate crippling regulatory risk.The experts at Veritas Advisory Services engageclosely with each client to complete a GDPR ReadinessAssessment that helps organizations better understandtheir GDPR maturity. The comprehensive Assessmentprovides customers with a detailed and tailoredapproach to addressing their GDPR risk.
‘‘ GDPR is the most significant change to dataprotection in a generation and an imminentglobal issue that will dominate data privacy,management and regulation discussions in2017. To avoid potential regulatory fines orworse, damage to their corporate brands andreputations, global enterprises must takeaction now to understand where their dataresides and how to protect it.’’– Mike PalmerEVP & Chief Product Officer
REGULATORY READINESS ACCELERATESDIGITAL TRANSFORMATIONUnderstand Your GDPR Maturity Prepare for the New World OrderVISORY SERVICER ZE15Data is at the heart of Digital Transformation.Ultimately, organizations that are able to put theproper information-based controls in place toensure good data hygiene will accelerate theirTransformation. Alternatively, organizations thatforego compliance in favor of expedience will findthemselves exposed to unnecessary risk and mostlikely suffer the consequences of an information crisis.The GDPR’s aim is to ensure organizations take dataprotection seriously. Veritas’ 360 Data Managementfor GDPR delivers an enterprise-ready compliancesolution that accounts for the regulations strictestguidelines and arms customers with a confidentgovernance approach.Veritas’ propriety framework delivers the tools andservices that are tailor-made for each stage ofGDPR-readiness and our expert advisory teamwill ensure your organization’s GDPR investmentsare oriented toward the most impactfulcompliance requirements.
CONTACT USVisit our Websitewww.veritas.com/gdprFor more information please e-mail:infogov@veritas.comV0396 02/17 2017 Veritas Technologies LLC. All rights reserved. Veritas and the Veritas Logo aretrademarks or registered trademarks of Veritas Technologies or its affiliates in the U.S. andother countries. Other names may be trademarks of their respective owners.16
Enterprise Vault.cloud. MINIMIZE DATA FOR GDPR COMPLIANCE. Personal Data Classification Fuels Purpose Limitation Automation . RELEVANT GDPR ARTICLE(S): 5, 17, 32. VERITAS COMPONENTS. 1. Full content and context classification provides the critical intelligence for executing GDPR-compliant policies. 2. Flexible policies facilitate retention
