GDPR Security and Compliance

Protect your data and simplify regulatory requirements.

arrowDownload solution brief
parallax img

Regulations change. Stay prepared.

Staying compliant shouldn’t interfere with business agility. Yet data collection now seems easy compared to what’s required next: Governance. Storage. Retention. Privacy. Rights. Notifications. With more stringent regulation comes greater need for a secure, efficient, and cost-effective data management solution.

Keep compliant

The General Data Protection Requirement (GDPR), in effect since May 25, 2018, applies to any company controlling or processing personally identifiable information (PII) of European Union (EU) residents, regardless of the location of the company.

A subset of those requirements relates directly to data protection and data management, driving new use cases for the storage of PII data. Now is the time to assess how your company will not only back up and store required information, but rapidly find it, access it, and delete it without blowing your budget.

Web-scale data management

Cohesity simplifies security and compliance by converging data onto a hyperconverged, web-scale platform. The software-defined, scale-out solution’s single user interface and policy-based automation reduces IT burdens around how to best protect, minimize, locate, search, and monitor data.

The flexibility of Cohesity’s platform is designed to give you confidence that what you have today will help you meet ever-changing requirements in the future.

Gain speed, agility, and reliability

Integrate data protection into all data collection and protection activities. Reduce the overall amount of PII and place controls over it. Build a data map to provide transparency into the storage of PII. Enable search within PII, then add requests. Monitor breach activity and quickly trigger reporting procedures to ensure compliance.

Aggregate data for faster processing

Cohesity doesn’t make you copy data across silos, or protect and manage multiple legacy products simultaneously—reducing the threat of non-compliance.

Protect PII across workloads

Cohesity consolidates data—from virtual machines and physical servers to Microsoft SQL Server, Oracle databases, NAS devices and Pure Storage—with unparalleled operational efficiency, at scale.

Automate for consistency

To comply with data minimization requirements, Cohesity lets backup administrators specify data retention periods through automated policies. Data can be automatically retained and deleted or expired based on policies.


Protect data by design. Demonstrate transparency. Unify operations, saving time with one platform simplifying data protection, encryption, data retention, search, and analytics to streamline GDPR and other industry and government compliance requirements.

Secure data against unauthorized access

Using encryption architecture, Cohesity provides high end-to-end security while allowing optimal use of available resources.

Granular control with flexibility

Ensure only authorized users have access to specific data with Role-Based Access Control (RBAC) permissions by type of user and data source.

Protect against data loss and breaches

Leverage file or view level WORM (write once, read many) for immutable locking and secure data retention capabilities to mitigate data loss and ransomware.


Less is more. Reduce the amount of personal data your enterprise stores. Cohesity can help you minimize and automate to meet evolving data retention requirements.

Centralized management

Become more agile using the Cohesity architecture. It inherently minimizes data copies, reduces attack footprint, and tracks copies through centralized data management.

Automated policies

Establish granular control. Automate retention policies in Cohesity that enable you to keep PII only for intended periods of time.

On-demand relocation

Effectively relocate files on demand to minimize the spread of PII data across your environment.


Cohesity’s policy-based automated archiving, tiering, and replication to cloud ensures your enterprise has a 360 view of where it stores PII, how it got there, why, and who has access to it.

GDPR restricts the list of locations and providers to which personal data may be sent, so you need a solution that helps you manage data everywhere, even the cloud.


Use Cohesity to schedule updates to data maps that delineate:

  • Location and Movement Tracking (source and destination) of PII
  • Categories of PII stored
  • File containing PII
  • Retention policies of PII
  • Access rights to PII

Leverage Cohesity reports to complete Data Protection Impact Assessments (DPIAs), as needed per GDPR requirements.


Cohesity supports integration with all leading public clouds, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud, for easy and rapid scaling without a bolt-on cloud gateway.

Learn more about Cohesity Cloud Integration.


Cohesity search and analytics provide insights to help you quickly discover, easily report on, and if necessary, delete PII you have stored.

Google-like capabilities

Search within unstructured data for multiple categories of PII. Input PII patterns and their variations, and file types (txt, doc, pdf, xls, zip, jpeg) to scan using templates.


Report search results in txt file format or integrate with third-party data visualization or analytics tools.

cohesity advantage
Build custom analytics apps

Inject custom code to run data processing jobs on stored data using Cohesity Analytics Workbench.


Mitigating threats is priority one. Yet when intrusion does occur, Cohesity’s reporting of that breach can help you more efficiently validate compliance.

White Lists

Prevent portability of PII using White Lists.


Receive notifications or warnings when data is tiered, archived, or replicated to a non-Cohesity target. Receive the notification when data leaves EU while still on Cohesity.


Export cluster- and system-level audit logs for additional analytics and breach detection with Cohesity.


We found a clear benefit to the simple scale-out design of Cohesity. It was an obvious advantage that the Cohesity architecture was based on hyperconverged nodes of both compute and storage.

Marteinn Sigurdsson, Infrastructure Architect, Thekking

View More

Get started

Green Pattern