Upload
dinhhuong
View
215
Download
0
Embed Size (px)
Citation preview
Copyright 2017 FUJITSU© 2017 Fujitsu
Also Solutions day 2017-09-21
Simplify GDPR Compliance
Copyright 2017 FUJITSU
Agenda – Simplify GDPR Compliance
Fujitsu and CommVault Global Partnership
What is GDPR and why does it Matter?
The Challenge
Data Copies and Silos
How to Handle Various Data Types
Complexity Hinders Compliance and Increases Risk
How can Fujitsu help?
An Advanced Data Management Platform
Managing GDPR Requirements
Protect, Recover and Leverage Enterprise Data
1
Copyright 2017 FUJITSU
Fujitsu and CommVault Global Partnership
“Fujitsu and Commvault provide complete
data protection solutions to assist
customers in implementing the best SLAs
for backup and archiving. With full
coverage of operating systems, hardware
and database support and best-in-class
functionality for modern backup concepts
like snapshots, Commvault helps solve
current and future customer requirements.
The deep partnership with Fujitsu leads to
well-integrated solutions.”
Ankush Korla, Vice President
Channel Sales EMEA, Commvault
“OEM reseller partnership” since April 2011 in EMEA and India
Close engagement at corporate and local levels for product integration and
key initiatives, including system integration
Existing partnership in New Zealand and Australia; start of cooperation in
Japan
Partnership
Joint integration efforts provide optimized solutions for the data center
Commvault IntelliSnap® technology provides best-in-class, application-aware hardware
snapshots for Fujitsu ETERNUS DX arrays
ETERNUS Snapshot Manager (ESM) for ETERNUS DX since 2013
Ongoing integration/best practices efforts for ETERNUS CS8000 and CS800
appliances
Support for Fujitsu PRIMEFLEX for SAP and SAP HANA with Commvault software
Integrated backup appliance ETERNUS CS200c Powered by Commvault launched in
2014.
Joint Integration
Copyright 2017 FUJITSU
Why does it matter?
What is GDPR
Commercial in confidence
Copyright 2017 FUJITSU
What is GDPR and why does it matter?
17-09-26Commercial in confidence 4
▪ Data protection by design: Protect personal data against misuse at every stage of its lifecycle
▪ Data minimization: Collect and keep as little personal data as possible
▪ Right to be forgotten: Delete all of an individual's personal data on request
▪ Data transfer and portability: Move an individual's personal data to another provider on request
▪ Managing consent: Define specific uses cases when obtaining consent, retain proof of consent
and delete data once the use case has ended
▪ Seventy-two (72) hour breach notification: Determine the extent of a breach and notify the
affected users
▪ Integrity and availability: Restore access to personal data quickly following an outage or failure
▪ Accountability: Log and provide audit trails for all data consents, requests and remedial actions
If you can't meet these requirements, you'll face stiff financial penalties, jeopardize your
reputation and lose customers.
Copyright 2017 FUJITSU
Data Copies and Silos
The Challenge
Commercial in confidence
Copyright 2017 FUJITSU
Data Copies and Silos
Copy
Replicate
MailboxArchive
MailboxBackup
MailServer
Files
File Analytics
ComplianceArchive Mailbox
Archive
MultipleBackups
ComplianceCopy
OutlookPSTs
ComplianceReplica
ArchiveBackup
MultipleBackups
ArchiveBackup
Datacentre File Servers
File Archive
EndpointBackup
ServerBackup
ServerBackup
Personal Cloud & Devices
Dept. FileServers
Remote FileServers
Copyright 2017 FUJITSU
Data Copies and Silos
Products / silos: 5-10
Potential Data Copies: 50+Copy
Replicate
MailboxArchive
MailboxBackup
MailServer
Files
File Analytics
ComplianceArchive Mailbox
Archive
MultipleBackups
ComplianceCopy
OutlookPSTs
ComplianceReplica
ArchiveBackup
MultipleBackups
ArchiveBackup
DatacentreFile Servers
File Archive
EndpointBackup
ServerBackup
ServerBackup
Personal Cloud & Devices
Dept. FileServers
Remote FileServers
Copyright 2017 FUJITSU
Data Copies and Silos
Products / silos: 5-10
Potential Data Copies: 50+Copy
Replicate
MailboxArchive
MailboxBackup
MailServer
Files
File Analytics
ComplianceArchive Mailbox
Archive
MultipleBackups
ComplianceCopy
OutlookPSTs
ComplianceReplica
ArchiveBackup
MultipleBackups
ArchiveBackup
DatacentreFile Servers
File Archive
EndpointBackup
ServerBackup
ServerBackup
Personal Cloud & Devices
Dept. FileServers
Remote FileServers
Example shown just
for backup & recovery,
retention and
compliance
Each data silo =
another potential door
for a data breach
More to manage,
monitor report and
secure
Tape is a particularly
problematic
Complex
Search/Auditing
Copyright 2017 FUJITSU
Data Copies and Silos
How to Handle Various Data Types
The Challenge
Commercial in confidence
Copyright 2017 FUJITSU
How to Handle Various Data Types
Structured
Application Data
• CRM Systems
• ERP Applications
• Financial
• Marketing
• Vertical apps (e.g. Retail)
• SaaS Apps
• RDBMS
• Big Data
Semi-structured
Application Data
• Document Management
• App File Stores
Unstructured
Files & Folders
• NAS
• File Servers
• Cloud Storage
• Laptops
• Mobile Devices
• Personal Clouds
26 September 2017Commercial in confidence 10
Security, Protection, Availability, Retention, Copy management, Lifecycle, Custody, Access, Audit
Personal Data Can Be Anywhere
Copyright 2017 FUJITSU
GDPR Demands Fundamental Changes
New GDPR Mandates Require Changes to Storage
Management Strategies for All Global Enterprises
Identify Personal Data
Verify Whether Proper Consent Was Obtained
Examine Backup Retention
“Retention should be reduced for systems that contain personal
data, and if archiving is not already in place for maintaining
these records for governance purposes, then it should be
implemented.”
Implement Archiving for Governance Purposes
17-09-26Commercial in confidence 11
Source: Gartner 2016 New GDPR Mandates Require Changes to Storage Management Strategies for All Global Enterprises
Copyright 2017 FUJITSU
Data Copies and Silos
How to Handle Various Data Types
Complexity Hinders Compliance and Increases Risk
The Challenge
Commercial in confidence
Copyright 2017 FUJITSU
Backup and Archive Confusion
Many organizations use archive tools
for space management, but still retain
backup copies for many years as
‘archives’
Archives require backup, which often
creates a ‘silo inside a silo’
Tape is still the most used medium for
long term storage
17-09-26Commercial in confidence 13
MultipleBackups
ArchiveBackup
File Servers& NAS
File Archive
Offsite or 3rd Party
Archive Benefit: Faster Backup and DR
A 2016 Gartner straw-poll at a European event revealed that
only 4% used the cloud instead of tape for long term retention
Copyright 2017 FUJITSU
Complexity Hinders Compliance and Increases Risk
The GDPR Breakdown
LEGACY SYSTEMSDATA CENTERS CLOUD DATA SaaS
PAIN: LACK OF CONTROL AND ANALYSIS• Archive and search systems create silos
• Lack common search and collate
• Multiple access controls to manage
• Gaps in coverage present risk
PAIN: VISIBILITY OF EXTERNAL DATA• Data held externally is difficult to track
• Protection managed by 3rd party
• Limited ability to archive or manage retention
PAIN: BACKUP AND RECOVERY RISKS• Too many siloed solutions & repositories
• Not easy to set common policies
• Reporting is a challenge
• Variable controls in areas such as auditing
• Complexity leads to gaps in coverage
? ? ? ?
x?
Silo
Silo
Copyright 2017 FUJITSU
An Advanced Data Management Platform
How can Fujitsu Help?
Commercial in confidence
Copyright 2017 FUJITSU
An Advanced Data Management Platform
The GDPR Breakthrough
LEGACY SYSTEMSDATA CENTERS CLOUD DATA SaaS
GAIN: ROBUST DATA MANAGEMENT• Data is accessible, organized and indexed
• Complete infrastructure awareness
• Centralised governance and control for hybrid clouds
• Consistent data policies across the enterprise
GAIN: UNIFIED CLOUD BACKUP• Single solution to backup the whole enterprise
• Automation ensures backup by default
• Easy to report and audit
• Robust, integrated redundancy for archive policies
GAIN: CONTROL OF EXTERNAL DATA• Backup and archive SaaS data
• Backup and gain visibility of data on mobile devices
• Guard against Malware and data breaches
• Provide secure alternative to personal cloud shares
Data Management
Platform: Indexed
Virtual Repository
Dedupe:Global, Secure
Copyright 2017 FUJITSU
From Backup & Archive to Information Management
Intelligent Data Management
Single Query Searching across Backup & Archive
Global Data (Cost) Reduction
COLLECTION
Remote & Internal End Users
Email On-Premises or
Cloud
Cloud Solutions
Data Center
Access
End User AccessOutlook Plugin
Analyse
• Search & Preservation
• Content-Aware Retention Mgt.
• Data Leakage Detection
• Remote Search of Structured Sources
• Rapid response to data subject inquiries
A
B
C
B
A
1 Yr
30 YrAuto Storage
Tiering
Manage
DELETE
ZIPProduce or
EraseXML
Compliance AccessGDPR, FOIA, eDiscovery,
Data Spillage Search
Copyright 2017 FUJITSU
An Advanced Data Management Platform
Managing GDPR Requirements
How can Fujitsu Help?
Commercial in confidence
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
17-09-26Commercial in confidence 19
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
17-09-26Commercial in confidence 20
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
17-09-26Commercial in confidence 21
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
17-09-26Commercial in confidence 22
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
72 hour data breach notification
17-09-26Commercial in confidence 23
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
72 hour data breach notification
Data minimization principle
17-09-26Commercial in confidence 24
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
72 hour data breach notification
Data minimization principle
Defining use cases and managing consent
17-09-26Commercial in confidence 25
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
72 hour data breach notification
Data minimization principle
Defining use cases and managing consent
Data transfers
17-09-26Commercial in confidence 26
Copyright 2017 FUJITSU
Managing GDPR Requirements
Right to be forgotten
Data protection by design and default
State of the art
Ensure ongoing confidentiality, integrity, availability and resilience
72 hour data breach notification
Data minimization principle
Defining use cases and managing consent
Data transfers
Data portability
17-09-26Commercial in confidence 27
Copyright 2017 FUJITSU
An Advanced Data Management Platform
Managing GDPR Requirements
Protect, Recover and Leverage Enterprise Data
How can Fujitsu Help?
Commercial in confidence
Copyright 2017 FUJITSU
Protect, Recover and Leverage Enterprise Data
Copyright 2017 FUJITSU
Protect, Recover and Leverage Enterprise Data
✓ Search & Analyze
✓ Backup & Archive
✓ Encryption
✓ Reporting & Monitoring
✓ Compliance & Audit
✓ Secure Erase
Copyright 2017 FUJITSU
An Advanced Data Management Platform
Managing GDPR Requirements
Protect, Recover and Leverage Enterprise Data
Use case – Baltic Insurance Company
How can Fujitsu Help?
Commercial in confidence
Copyright 2017 FUJITSU
Use case – Baltic Insurance Company
Background
Small Data Center with need for backup solution
High demands on RPO, RTO, BTO
Normal retention periods and service window
SQL Server, Exchange, SharePoint, Oracle, Sybase, Clustering
~40 TB Front End Capacity
Key criteria
Application support
Appliance packaging
Being able to prepare for GDPR …
Copyright 2017 FUJITSU
Use case – Baltic Insurance Company
Commvault OnePass Functionality
Copyright 2017 FUJITSU
Use case – Baltic Insurance Company
One ContentStore – One Single Intelligent Index – CI add-on
Copyright 2017 FUJITSU
Use case – Baltic Insurance Company
Case Manager for Compliance Officers
Copyright 2017 FUJITSU
An Advanced Data Management Platform
Managing GDPR Requirements
Protect, Recover and Leverage Enterprise Data
Use case – Baltic Insurance Company
Simplify Implementation with ETERNUS CS200c
How can Fujitsu Help?
Commercial in confidence
Copyright 2017 FUJITSU
ETERNUS CS200c Powered by Commvault
Integrated, all-in-one data protection appliance
Powerful Fujitsu technology combined with
industry leading Commvault software
Pre-loaded, pre-configured, right-sized solution
enables a fast and hassle-free setup (T-shirt sizes)
Deduplication to storage capacity
Simple, cost-effective expandability delivers
investment protection
Support: MS, Linux/Unix, VM, SAP, Oracle,
Snapshots, Tape, Cloud, …
Copyright 2017 FUJITSUFUJITSU CONFIDENTIAL 38
SME customer runs 10+ server on one
location, looks for a DP-solution in a box
Simplicity matters
Customer scenarios
SME customer runs 10+ server on 1 location and has subsidaries
Looks for a unified DP- solution for the central location and the remote offices
Complexity reduction matters
Public customer has a central office and many locations across the country
Looks for a unified DP- solution manageable with low effort
Staff cost matters
Customer runs several different DP products and wants to consolidate
Cost of operation matters
Large customer needs a unified DP infrastructure (hardware & software) which addresses varying requirements for capacity and functionality
Overall cost and simplicity matters
Service provider goes towards the end of an investment cycle
wants to replace the hardware with an DP optimized system
Riskless and low effort transition matters
Copyright 2017 FUJITSU
Fujitsu ETERNUS CS200c Powered by CommVault
Complete stack for appliance, professional service and
maintenance
Handle Various Data Types, Copies and Silos
Reduce Complexity to increase Compliance at lower Risk
Benefit from an Advanced Data Management Platform
Be able to manage GDPR Requirements
Protect, Recover and Leverage Enterprise Data
Summary
Copyright 2017 FUJITSU