- What We Do
- Solutions Overview
- Use Cases
- Get Started
Staying compliant shouldn’t interfere with business agility. Yet data collection now seems easy compared to what’s required next: Governance. Storage. Retention. Privacy. Rights. Notifications. With more stringent regulation comes greater need for a secure, efficient, and cost-effective secondary data solution.
The new General Data Protection Requirement (GDPR), in effect May 25, 2018, applies to any company controlling or processing personally identifiable information (PII) of European Union (EU) residents, regardless of the location of the company. A subset of those requirements relates directly to data protection and data management, driving new use cases for the storage of PII data. Whether or not current regulations—GDPR, HIPAA, PCI, etc.—apply to your business immediately or not, now is the time to assess how your company will not only backup and store required information, but rapidly find it, access it, and delete it without blowing your budget.
Cohesity simplifies security and compliance by converging secondary data onto a hyperconverged, web-scale platform. The software-defined, scale-out solution’s single user interface and policy-based automation reduce IT burdens around how to best protect, minimize, locate, search, and monitor secondary data. The flexibility of Cohesity’s platform is designed to give you confidence that what you have today will help you meet ever-changing requirements in the future.
Integrate data protection into all data collection and protection activities. Reduce the overall amount of and place controls over stored PII. Build a data map to provide transparency into the storage of PII. Enable search within PII, then add requests. Monitor breach activity and quickly trigger reporting procedures to ensure compliance.
Cohesity doesn’t make you copy data across silos nor protect and manage multiple legacy products simultaneously, reducing the threat of non-compliance.
Cohesity consolidates all secondary data—from virtual machines and physical servers to Microsoft SQL Server, Oracle databases, NAS devices and Pure Storage—with unparalleled operational efficiency, at scale.
To comply with data minimization requirements, Cohesity lets backup administrators specify data retention periods through automated policies. Data can be automatically retained and deleted or expired based on policies.
Gartner Says Organizations Are Unprepared for the 2018 European Data Protection Regulation, May 2017Learn more
Protect data by design. Demonstrate transparency. Unify operations, saving time with one platform simplifying data protection, encryption, data retention, search, and analytics to streamline GDPR and other industry and government compliance requirements.
Meet all of the requirements of a robust data protection strategy by speeding backup that provides local data protection from accidentally deleted files, application crashes, data corruption, and viruses; enabling fast recovery of individual files and applications; retaining data to satisfy compliance and regulatory requirements; and providing off-site data protection and reliable disaster recovery with Cohesity DataProtect, fully converged with Cohesity DataPlatform.
Encrypt data at-rest through software. Under GDPR rules, encrypting data and storing the keys in a separate location is considered equivalent to pseudonymization of personal data. Cohesity provides full support for pseudonymization using encryption architecture, based on strong AES-256 Cipher Block Chaining standard with a FIPS-Certified mode, providing high end-to-end security while allowing optimal use of available resources.
Set Role-Based Access Control (RBAC) permission by type of user and permissions based on data source to help ensure only authorized users have access to specific data. The Cohesity platform also includes strong Active Directory integration for increased protection.
Leverage file or view level WORM (write once, read many) for immutable locking and secure data retention capabilities to mitigate data loss and ransomware.
Subscribe to the more is less philosophy. Reduce the amount of personal data your enterprise stores. Cohesity can help you minimize and automate to meet evolving data retention requirements.
Become more-agile using the Cohesity architecture. It inherently minimizes data copies, reduces attack footprint, and tracks copies through centralized data management.
Establish granular control. Automate retention policies in Cohesity that enable you to keep PII only for intended periods of time.
Effectively relocate files on demand to minimize the spread of PII data across your environment.
Rely on Cohesity’s policy-based automated archiving, tiering, and replication to cloud to ensure your enterprise has a 360-degree view of where it stores PII, why, how it got there, where it goes, and who has access to it. GDPR restricts the list of locations and providers to which personal data may be sent, so you need a solution that helps you manage data everywhere, even the cloud.
Use Cohesity to schedule updates to data maps that delineate the following:
Leverage Cohesity reports to complete Data Protection Impact Assessments (DPIAs), as needed per GDPR requirements.
Cohesity supports integration with all leading public clouds, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud, for easy and rapid scaling without a bolt-on cloud gateway. Learn more about Cohesity Cloud Integration.
Ensure you know, so you can show. Cohesity search and analytics provide insights to help you quickly discover, easily report on, and if necessary, delete, PII you have stored in your secondary data.
Search within unstructured data for multiple categories of PII. Input PII patterns and their variations, and file types (txt, doc, pdf, xls, zip, jpeg) to scan using templates.
Report search results in txt file format or integrate with third-party data visualization or analytics tools.
Inject custom code to run data processing jobs on stored data using Cohesity Analytics Workbench.
Mitigating threats is priority one. Yet when intrusion does occur, Cohesity reporting of that breach can help you more efficiently validate compliance.
Prevent portability of PII using White Lists.
Receive notifications or warnings when data is tiered, archived, or replicated to a non-Cohesity target. Receive the notification when data leaves EU while still on Cohesity.
Export cluster- and system-level audit logs for additional analytics and breach detection with Cohesity.
Marteinn Sigurdsson, Infrastructure Architect, ThekkingView More