Freelance business and tech journalist Graham Jarvis explores how data protection compliance changed after Brexit
Do GDPR terms still apply to UK based organizations?
Although much of the European Union’s General Data Protection Regulation (GDPR) has been incorporated into UK law, it is still important to consider what has changed in the way businesses – especially those UK based – ensure compliance with data protection regulations. It was supported in 2017 by Indexing motors that the GDPR puts personal data in the hands of citizens. This begs the question, “Does this still apply?” “
No matter what has changed, one challenge will remain: the ability of organizations to find critical business and legal information in their vast unstructured data stores. Then there are the decisions about when to delete and where to store it, when to edit and rectify it. It’s a complex issue now involving several petabytes of data, and organizations don’t really understand what’s in their unstructured data. With this in mind, it is arguably necessary to speed up the wide area network (WAN) to gain the ability to find and move data at high speed with less latency and packet loss. It works to provide faster data access and recovery.
Three years later, is the GDPR sufficient to protect our data?
Rob Price, Senior Solutions Consultant and Global Head of Risk & Compliance at Snow Software, discusses whether GDPR is enough to protect our data. Read here
Two classes of GDPR
David trossel, CEO and CTO of Bridge works, comments: “While the UK has committed to ensuring Brexit is adequate, it has created two categories of GDPR for UK businesses: UK GDPR and, for those who treat EU citizens, there is the original EU GDPR. He explains that the free data transfer bridge ended on June 30, 2021 and since then there have been murmurs of the UK government’s intention to remove some of the GDPR requirements in the UK.
“This prospect is strange, because it was the UK that launched the whole GDPR initiative,” he said before adding, “By creating two classes of GDPR, organizations find that they have a considerable amount of work to do. to separate the two separate groups and rules. As many countries have adopted GDPR rules, it looks like the UK is once again the only one with different rules from everyone else. “
To add to what he calls “confusion,” Trossell reveals that the EU is now considering GDPR 2.0 rules for AI. Still, there is some consistency. For example, Maurice Stewart Ashley, sales director for EMEA and APAC at Index Engines, says there have not yet been any changes in the sanctions that have been instituted, but that this area will be at the center of concern in the years to come. to come.
Growth in data volume
Data volumes will always change and grow. So how much have they grown since 2017, and do organizations have a bigger challenge than in 2017 with finding personal and sensitive data? Stewart-Ashley believes the data continues to grow at an exponential rate. “Unstructured data, by its very nature, is the most difficult to control and find, with several petabytes now the norm. All organizations spend an inordinate amount of time trying to manage and control this data, ”he explains, before commenting that this requires very high levels of investment in hardware, software licenses and, of course, software. space, power and environmental requirements.
Marketing strategies can benefit from unstructured AI-driven data analysis
Michael Michalis, CEO of DigitalMR, discusses how AI-powered analysis of unstructured data can make marketing strategies more nuanced. Read here
Free unstructured data
Organizations also need to free up their data. This is because unstructured data often resides on tape. He explains that a local area network (LAN) can be indexed, managed, scaled down and, in conjunction with Bridgeworks, even unusually large amounts of data can be migrated to a low-cost platform, freeing up capacity and reducing licensing requirements: “This indexing can provide full control over this data with the ability to instantly delete and search across the enterprise down to the file level for compliance or GDPR requirements.
By freeing up their unstructured data, organizations can find, create, and deliver increased business value. Here are Stewart-Ashley’s top 5 tips to achieve it:
- Index and then keep only critical business and legal data, which can remove 60% of existing and duplicate ROT data.
- Make sure the remaining data is instantly searchable for business and compliance reasons.
- Make sure all restores can be completed in seconds to meet compliance SLAs.
- Maintain existing data retention policies to age old data.
- Drop all legacy environments and index / move data to simplify and remove costs.
Cloud migration decisions
It is also important to consider migration decisions; the need to move data to the cloud and its impact on data management strategies, policies, challenges, costs and outcomes. Trossell comments: “The cloud is notorious for leaking details with poor security – this must be a concern for many businesses using the web for data storage. In fact, many are now considering leaving cloud data storage. “
Stewart-Ashley points out that whenever a malware attack occurs, “rollbacks” place significant bandwidth demands and unacceptable delays in data recovery and transmission. This can potentially cause serious financial and operational difficulties and, in turn, accelerate the shift to on-site retention protected by vacuum boxes.
He says the malware landscape has changed dramatically, and therefore “with well-publicized incidents there is now a very real daily threat to all organizations” and the focus on GDPR has therefore increased. These malware attacks encrypt data, while also publishing company data to the world, impacting GDPR. Yet regulatory compliance will, in my experience, bring “cost, manageability and security benefits that far outweigh the cost of implementation, which is rare!” “.
Role of WAN acceleration
So what role can WAN acceleration play in data management and data protection compliance? Trossell responds, “The movement of data out of the data center is always extremely slow, especially if it is an electronic transfer over WANs, as most GDPR data needs to have strong encryption to prevent leaks. data, which means that those who have relied on WAN optimization in the past find that it gives little to negative performance benefit. The only option is WAN acceleration, as it preserves the immutable image of the data. “
In essence, not much has changed since the start of Brexit, but some changes could still occur over time. No matter what happens in the future with both types of GDPR, organizations will still need to have the ability to back up, restore, move, recover, and find data quickly.
To strengthen compliance, even if an organization deploys SD-WANs, mitigating the effects of latency and packet loss is imperative. It often doesn’t require more bandwidth, as WAN acceleration can dramatically improve bandwidth usage by using artificial intelligence, machine learning, and data parallelization. Even SD-WANs can be enhanced with WAN acceleration overlays, helping organizations accelerate their data, for example, to the cloud while maintaining regulatory compliance for data protection.