By Morne Bekker, Country Manager at NetApp South Africa
For those following the #MonkeySelfie story, you will know that attorneys had recently settled a lawsuit around the actual copyright ownership of a monkey selfie that had taken the world by storm back in 2014. As the case drew to a close, the photographer agreed to donate 25% of any future revenue from the images to charities dedicated to protecting crested macaques in Indonesia. However, a predominant question arose from this scenario – who actually owns our data and similarly, who is responsible for collecting, processing and storing our personal information?
With the world going bananas over the wrap up settlement of the #MonkeySelfie, on a much grander scale, and tied to the sudden proliferation of cloud services, many countries have embarked on the process of implementing new compliance and regulatory measures around data sovereignty, data ownership and data security. This has caused a lot of confusion amongst business owners, who have been given a limited amount of time to comply with a barrage of new rules and regulations. Worse still, in the era of Big Data, many organisations are asking the question, “Can I still deliver a personalised approach when I am restricted around the collection and management of my customers’ data?”
The regulatory pieces of the puzzle
Traditionally within South Africa, enterprise data has been stored on cloud servers beyond our geopolitical borders and hence outside of our legal jurisdiction. Although there has been a shift towards the rise of regional data centres, the majority of local South African data still resides in continents such as Europe.
By 2018, data will soon be governed according to the principles of the General Data Protection Regulation (GDPR), which will basically reshape organisational approaches towards data privacy. Basically, the GDPR applies to ANY company, anywhere in the world that processes European Union citizens’ data.
According to the GDPR, organisations will need to:
o Minimise the amount of Personal Data collected
o Understand and manage personal data accordingly
o Notify the regulators of a data breach within 72 hours
Apart from the GDPR, South African companies that take advantage of local data servers will need to comply with the Protection of Personal Information (POPI) Act before 2018. Just like the GDPR, the regulation will dictate how companies collect, share and store their customer’s personal data.
Managing a narrow escape and mitigating the risks
In order for South African companies to manage to onslaught of new regulatory measures, a few elements should be foremost within the mind of the customer. Firstly, they need to build a strong data privacy compliance network. Secondly, they need to embrace the cloud. Additionally, companies need to up their cyber security measures and last but not least, they need to formulate data breach remediation and contingency plans.
Partnering with organisations such as NetApp will assist with risk mitigation. For one, NetApp can provide an integrated ecosystem of data connections across on-premises and the cloud through their data fabric solution. Described as the future of data management, NetApp’s data fabric gives organisations a sense of flexibility, allowing data to be moved and managed across all hybrid cloud resources while maintaining control of that data no matter where it resides. It seamlessly connects different data management environments across disparate clouds into a cohesive, integrated whole. It also helps organisations to maintain control and choice in how they manage, secure, protect, and access their data across the hybrid cloud..
This solution may be matched with NetApp HCI, the industry’s first enterprise-scale hyper converged solution. NetApp HCI delivers guaranteed performance, independent scaling, and Data Fabric integration as well as the NetApp ONTAP Cloud storage software service on Amazon Web Services. NetApp ONTAP Cloud Storage delivers enterprise control, protection, and efficiency to your data with the flexibility of the cloud.
Ultimately, by having the right tools at hand to manage data, organisations can take full advantage of their data like never before through the right combination of IT infrastructure visibility, management and reporting.