The General Data Protection Regulation—or simply GDPR to anyone who has been caught up in the mad rush to meet today’s new European Union (EU) requirements—is a new law on data protection and privacy that directly impacts how organizations in the EU store data. Note the key words there: data and storage! GDPR, along with other recent events that have brought attention to the storage and security of personal data, are making the IT admin the hero, or scapegoat, when it comes to IT security.
Addressing Security Gaps with VMware’s Digital Foundation
VMware delivers leading solutions that form the digital foundation of today’s data center to help organization meet key compliance requirements and solve data protection challenges. No technology company can ensure you are fully “GDPR compliant,” but we believe it’s our goal to deliver end-to-end security solutions to address the increasing needs for data protection and governance.
Check out this article for an overall look at VMware’s view on GDPR and how our suite of solutions provide a solid foundation for securing personal data and other sensitive information.
Taking GDPR Head-On with Secure HCI
The fact is that older storage systems, especially small to mid-size systems or those deployed at remote sites, often lack built-in security and are managed by overworked IT staff. Over time, they pay little attention to proper security or sanitization, especially when it comes time for decommissioning a system.
GDPR expects data security by default in today’s business processes and handling of personal data, without requiring extra steps or specially trained staff. VMware vSAN Encryption easily accomplishes this and enables a secure HCI foundation for the datacenter and cloud.
vSAN makes security easy with a “set and forget” model that adds minimal impact to performance. There is minimal, if any, operational cost because the management and consumption does not significantly change, including provisioning, use, and backups. And finally, the solution is flexible, working with any KMIP 1.1 compliant key manager.
Native vSAN Encryption
vSAN delivers software-based, FIPS 140-2 validated encryption for data-at-rest. By leveraging an agile, software-based approach, vSAN eliminates the need for expensive self-encrypting drives (SEDs) and complicated, per-drive management. vSAN encryption supports 2-factor authentication, including SecurID and CAC, and is part of the HCI industry’s first official DISA-approved STIG (Security Technical Implementation Guide). Security can be managed at the VM level to help ensure regulatory compliance, whether for GDPR or other requirements.
By creating an easy, flexible and zero-overhead approach to security, organizations can begin to embrace the intent and needs of GDPR as a fundamental part of their approach it IT and data protection.
Become a GDPR Hero
Read more about how vSAN is providing the industry’s most secure HCI solution for GDPR environments: