HEMANT HARIE As each industry understands its cybersecurity and data risks better, it will become clearer what the appropriate responses are to ensure data management, protection and cybersecurity
Organisations must understand what data they have and where it is stored to ensure that sensitive customer information is protected correctly in compliance with data protection regulations and best practices, says data management solutions provider Gabsten Technologies MD Hemant Harie.
“In today’s digital and mobile world, structured and unstructured data may be stored in numerous locations, including various end-point devices, file servers, databases and even cloud solutions. Only once businesses understand their data effectively can they ensure compliance with the Protection of Personal Information Act, as well as other data protection regulations and industry requirements.”
Businesses are more aware of their data than ever before. The need to safeguard information, or risk hefty penalties, has resulted in a drive toward more effective backup and recovery practices, he adds.
“Organisations that hold personal information need to respect that they have these sensitive details and ensure that they are adequately protected.
“A core requirement is that organisations must be able to respond to requests by individuals and clients to find and delete their information. Organisations also need to be able to report on the request and prove that the data has been destroyed, if requested.”
This requires that organisations be able to identify their data, wherever it resides, and remove personally identifiable information. Businesses that did not need backup and recovery systems now require that such systems comply with local and international data protection regulations.
“Organisations must know what data they are generating and capturing, how long it remains in the organisation, what it is used for and how it is deleted,” says Harie.
Security awareness is a central component of the European Union General Data Protection Regulations and is a key part of data protection, which includes data management.
Harie highlights that many industries have to meet global data protection rules, such as the personal card information regulations that the retail industry adheres to. This requires retailers to process card information securely and store it according to specific rules, including restrictions on how long it may be stored and that it can be removed on request.
“As each industry understands its cybersecurity and data risks better, it will become clearer what the most appropriate responses are. The requirements for data management specific to each industry must also be determined, and industry and standards organisations should also provide guidance.”
The ubiquity of the Internet and data not being truly localised in any country make it important for organisations to understand what data they are generating and how it is shared to be able to manage and protect it effectively, notes Harie.
“Data management capabilities are also important in modern hyperconverged infrastructure environments to allow for the integration with devices and the provision of high availability across all systems.
“Data management is part of modernisation expertise in general, as it is not only about back-up, archiving and replication, but also streamlining and modernising processes. Data management tools and capabilities can seamlessly be added to ensure that data is stored, replicated, archived and deleted when no longer necessary, and simultaneously support organisations’ processes and operations.”