Story image

Calm before the GDPR storm: An exclusive interview with Commvault

24 May 2018

Don Foster is a Commvault veteran.

Over 15 years ago, he began to work his way up through the ranks to the company’s product management division. Today, he holds a global position as senior director of solutions marketing, a role that sees him lead a worldwide solutions marketing team.

He’s a key bridge between customers’ needs and expectations and ensuring Commvault’s products are aligned with these needs.

For customers around the world, those needs are most likely related to data management, and on May 24th, the day before the implementation of the EU’s GDPR, we can assume data regulation and compliance is very top-of-mind.

"GDPR is not just about your production data,” warns Foster.

“It's so much more complex than that. It includes everything including secondary data, and many would say secondary data is probably the more difficult challenge for many companies."

"Organisations are becoming more digital, and as customers become more digital, they are creating more data. The interesting thing about secondary storage is it can be 2-3 or, in some cases, 5 times the size of what product storage is."

"That's because of all the use cases existing in the enterprise from dev and test and backup to how you do use case validation, and reporting; there are a number of reasons why customers need secondary storage copy.”

“That drive to protect the new digital business, while enabling it, is what's driving a massive boom in secondary storage, as well as production storage.”

"Here’s an example. My kids like to play video games, and I play video games with them sometimes. There's a video game store that's actually shutting its doors because of GDPR; because they couldn't actually secure their data in the European Union corporately for their customers."

"They would have to completely redo the way their online game community was structured. That's an interesting outcome of what could happen when you start to look at what this regulation really means."

"Secondary storage usually houses a copy of everything you have in your production storage. So, if you have trouble keeping your production environment aligned to regulation, I imagine it's going to become even more difficult to ensure the copies of that data in your secondary environment are just as secure."

“Another key thought here surrounding secondary storage is security, and how strong that storage is in terms of protection if the business is hit by a ransomware or malware attack."

"Secondary storage is key to disaster recovery, and customers are starting to focus on how "recovery-ready" they are. What’s driving this trend is the rise in ransomware/malware attacks that we've seen globally.

"Executives are asking the question 'how ready are we to recover and to get out business back online if we are impacted?’ Executives want someone to come in and prove how recovery-ready their business is.”

"This is where Commvault can help. We use customers' secondary data to test how recovery-ready they really are, to showcase what operations they need to use in case they get hit by something and then use this information to really improve their overall operations to the point where they might actually have to use these particular plans, and then ultimately, automate it."

Testing your recovery-readiness

However, it’s not that easy to become recovery-ready, warns Foster. It’s a multi-step process, and Foster says many companies don’t even have the first step covered.  

"The first step is to make sure you've defined and your writing down what your SLAs are, and what systems you have that need those SLAs.”

“If you know that, say, 25% of your systems are critical, and that they need to be back up in less than an hour, then you need to make sure you have that documented and you're aware.”

“I know it sounds like a very simple thing to do, but many organisations don't even have this first step completed."

"Once that's done - and this is really where Commvault comes in to help -  you can start using those SLAs to map how well you’re actually operating against that outcome.”

“What we're talking about here is not being focused on a job or an operation, but focusing on the outcome the company wants.’

“If you don't have a way to show say, these SLAs for these 25 systems with X amount of data need to recovered this quickly - how well am I doing against this? If you can't quickly get those metrics then you obviously have a risk and a gap in your organisation that many can't close."

"Part of what we do is, if these systems are being protected with Commvault, we can use the operational data that we collect on a day-by-day, job-by-job basis and showcase how well you as an organisation are able to meet those SLAs if a disaster were to strike."

"Say there were 100 systems that made up that critical tier and 10% of those were not making their SLA, we are able to provide insights and advice into how you could change your current protection and secondary storage infrastructure to meet the readiness requirements that the organisation has.”

“This sheds a whole new light on what it takes to keep a business protected and operational if a disaster strikes."

Challenges ahead for businesses working with IoT

But what about the Internet of Things (IoT)?

Foster says there are still many businesses that are trying to wrap their heads around IoT.

"In many cases, the data from IoT is really only useful for probably the minutes or hours after it has been created. That data gets overwritten pretty quickly. There are some scenarios where that data can get kept for a longer period of time.”

“The challenges that lie ahead for business here will come about when IoT data starts to actually generate revenue.”

“The real challenge will be, how do you ensure that data is being met by the same sort of governance and compliance policies that the rest of the company's data might be subject to."

"And here is where you get the attorneys and legal involved.”

“You need to understand whether or not this data needs to be secured, whether it is personal or not, and the type of devices this data is being transmitted from - all of these are questions that will have to be answered as business becomes more and more digital and increasingly use this type of data to drive business generate revenue."

"One of the places we start when we focus on IoT on the endpoint data; you have workers that are spread across the globe in many organisations that are creating data, maybe not quite the level of a sensor in a watch or an airplane, but they are absolutely creating data - and we can help businesses manage that data and secure that data, and make sure it’s a match to different government timelines for regulation."

Don Foster, Commvault's senior director of solutions marketing. 

Microsoft appoints new commercial and partner business director
Bowden already has almost a decade of Microsoft relationship management experience under her belt, having joined the business in 2010.
Zoom’s new Rooms and Meetings features
Zoom has released information about the upcoming releases for its Rooms and Meeting offerings for 2019.
Aussie company set to democratise direct-to-orbit IoT access
Adelaide-based Myriota has released a developer toolkit that has been trialled and tested by a smart waste management platform.
Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
Dynatrace takes pole position in APM Magic Quadrant
It placed highest on Ability to Execute and furthest on Completeness of Vision in the 2019 Quadrant for Application Performance Monitoring (APM).
HCL and Xerox expand strategic partnership
Under the terms of the agreement, HCL will manage portions of Xerox’s shared services, including global administrative and support functions.
Avaya expands integration with Google Cloud AI
This includes embedding Google’s machine learning within conversation services for the contact centre, enabling integration of AI capabilities.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.