Protecting customers’ personal information against loss or damage is just as important for companies considering the Protection of Personal Information (POPI) Act as protecting it against theft and unauthorised access, says Jos Floor, Director of Corporate and IP Law for Floor Swart Incorporated.
“Section 19 of the Act says companies must take appropriate and reasonable measures to protect personal information against loss and destruction,” says Floor. “That means keeping your own security and data protection up to date, and making sure anybody who handles data on your behalf does the same. As the responsible party, it’s your job to ensure your suppliers comply with the requirements of the Act.”
While most companies easily grasp the importance of making sure personal data doesn’t fall into the wrong hands, says Warren Olivier of Veeam, fewer understand the importance of protecting it against loss or corruption.
“Losing personal data can cause serious problems for your customers,” says Olivier, who is Veeam’s Regional Manager for Southern Africa. “Imagine what would happen if you lost the records of their account payments, for example, or medical history files got corrupted. Knowing that data will always be available is critical.”
Maintaining data availability goes beyond simply keeping backups, adds Olivier. “Having a backup is worth nothing unless you can actually restore from it -- so every backup needs to be tested, as well as being securely stored and encrypted.”
He says Veeam Availability Suite includes 256-bit end-to-end encryption so that every backup is protected against unauthorised access -- and that encryption keys can be set per server or per backup job, ensuring that different departments are able to keep their data segregated from each other if necessary.
In addition, notes Olivier, “companies need to ensure that data is protected appropriately during the recovery process. Asking a low-level help desk employee to restore a database of customer details, for example, is not on. Good solutions for data availability should include easy item-level recovery, so only authorised people can access only the information they need.”
“A lot of this is just good IT practice anyway”, says Floor. “A company that’s already ISO or COBIT compliant probably won’t need to do much extra work to ensure their processes and operations are in line with the security requirements of POPI.”
On the other hand, he warns, “the Act says that as the holder of personal data you must inform both the Regulator and the data subject if that information has been accessed or acquired by an unauthorised person. It’s far cheaper to protect yourself, and your data, to make sure that problem never occurs in the first place.”
About Veeam Software
Veeam® enables the Always-On Business™ by providing solutions that deliver Availability for the Modern Data Center™, which provides recovery time and point objectives (RTPO™) of less than 15 minutes for all applications and data. Veeam recognizes the challenges in keeping a business up and running at all times and addresses them with solutions that provide high-speed recovery, data loss avoidance, verified protection, leveraged data and complete visibility. Veeam Backup & Replication™ leverages technologies that enable the modern data center, including VMware vSphere, Microsoft Hyper-V, NetApp storage, and HP 3PAR StoreServ and StoreVirtual Storage, to help organizations meet RTPO, save time, mitigate risks, and dramatically reduce capital and operational costs. Veeam Availability Suite™ provides all of the benefits and features of Veeam Backup & Replication along with advanced monitoring, reporting and capacity planning for the backup infrastructure.Veeam Management Pack™ for System Center is the most comprehensive, intuitive and intelligent extension for app-to-metal management of Hyper-V and vSphere infrastructures, and includes monitoring and reporting for Veeam Backup & Replication. The Veeam Cloud Provider (VCP) program offers flexible monthly and perpetual licensing to meet the needs of hosting, managed service and cloud service providers. The VCP program currently includes more than 5,000 service provider partners worldwide.
Founded in 2006, Veeam currently has 25,000 ProPartners and more than 111,500 customers worldwide. Veeam’s global headquarters are located in Baar, Switzerland, and the company has offices throughout the world. To learn more, visit http://www.veeam.com.