Druva, the leader in data protection and governance at the edge, today unveiled a set of new capabilities that together comprise a comprehensive data privacy framework to enable businesses to meet growing global privacy demands. The new framework, built on Druva’s industry-proven cloud security foundation, addresses often-neglected concerns about corporate and employee data misuse and emerging legal data requirements.
There is a rapidly increasing data privacy concern around the globe; Germany, France, Russia, Singapore and others have recently taken steps to ensure the privacy of their citizens’ personal information by adopting new data protection regulations. This, combined with existing regulations such as HIPAA and FINRA in the United States has had a sweeping impact on global corporations. These businesses must now adapt their IT infrastructure to support the varied regional requirements or face potential sanctions and/or legal repercussions.
Druva centralizes and controls business data residing on employees’ desktops, laptops, tablets and smartphones via integrated endpoint backup, data loss prevention, IT-managed file sharing, and data governance controls. Druva continually mirrors end-user data, which enables rapid data recovery for lost or stolen devices, allows remote user access to any file or folder from any device, and supports eDiscovery, compliance and forensics needs.
The new privacy capabilities include geo-defined governance and administration features that ensure data privacy. Druva customers can also delegate storage and data administration rights to regional personnel, enabling global organizations to meet varied regional data privacy requirements within a single cloud solution. This geo-specific capability is critical for global organizations such as those with operations in Germany, whose data protection act mandates stringent employee data regulations, including a ban on data storage outside the country.
The new features complement Druva’s use of Amazon Web Services, which recently opened its German region and supports data centers worldwide, as the underlying inSync cloud infrastructure. Druva now supports over 11 regions, which include Germany, GovCloud, Japan, and Australia.
“Securing data is important, but addressing security without enacting appropriate privacy measures leaves data – and companies — vulnerable. Today, more than ever, global organizations must comply with regional data regulations. Privacy concerns are being forced into IT’s top priorities. Focusing exclusively on security can compromise privacy, exposing organizations to negative publicity as well as possible legal and regulatory action,” said Jaspreet Singh, CEO, Druva. “With 70 percent of new inSync customers now choosing our cloud deployment option, we have developed a rigorous privacy framework to reduce those risks and support their global needs.”
“As a global company, we must comply with a litany of privacy regulations. There are regional data residency requirements and complicated employee privacy laws, and we also must be able to provide access to different types of data for legal and compliance reasons,” said Arnaud Colineau, Director IT Governance, Risk and Compliance, Amer Sports. “Druva’s new data privacy framework provides crucial capabilities necessary to allow Amer Sports to take advantage of the security, scalability and ease of use of the cloud, while ensuring we have the flexibility and control required to keep our data private.”
Druva Privacy Framework
The components of Druva’s data privacy framework are designed to protect organizations from unauthorized data access, thwart misuse of employee data by authorized users, and ensure data integrity regarding legal or compliance initiatives. This unique combination of safeguards includes:
- Global Storage Locations: Support for 11 global admin selectable regions that are policy-configured to ensure data is stored to meet DPA requirements, including the newest region in Germany.
- Data Producibility Restrictions: Druva’s approach to storing unique block data separated from metadata, along with its unique envelope key encryption model, delivers the highest level of data-scrambling and obfuscation ensuring cloud data privacy — no third party, not even Druva under court order, can provide access to your data.
- Delegated Role-Based Administrators: Regional end-to-end data management enables global organizations to meet local privacy laws while maintaining a single system of record for corporate governance.
- Audit trails for end-users and administrators: Ensuring that all data access and file sharing activity is tracked with tamper-proof audit logs so that data privacy violations and interference with data integrity can be identified for forensics, regulatory, eDiscovery, and compliance investigations.
- Individual privacy controls: Depending on regional requirements, end-users can be set private by default or flag their personal data to ensure administrators do not have visibility into their data.
- Data segregation: With Druva’s mobile device containerization and exclusionary backup controls end-user personal data can be maintained separate from corporate data on both BYOD and COPE devices.
- Adaptive Administrator Roles: Administrative flexibility enables organization to address specific needs around compliance and litigation. For example, an explicitly defined legal administrator can override privacy controls to enforce data governance.
To learn more about Druva’s new data privacy framework, visit www.druva.com/dataprivacy or join Druva for a live webinar on March 12 titled, “Cloudy or Clear? Understanding Today’s Global Privacy Requirements in the Cloud.”
Druva is the leader in data protection and governance at the edge, bringing visibility and control to business information in the increasingly mobile and distributed enterprise. Built for public and private clouds, Druva’s award-winning inSync and Phoenix solutions prevent data loss and address governance, compliance and eDiscovery needs on laptops, smart-devices and remote servers. As the industry’s fastest growing edge data protection provider, Druva is trusted by over 3,000 global organizations on over 3 million devices. Learn more at www.druva.com and join the conversation at twitter.com/druvainc.