So, after a two year build up, GDPR has been brought into law and we have already seen some major businesses blunders. From a continuous breach at Ticketmaster to BA’s misstep in asking people to post their personal information on Twitter.
In a post GDPR world, you would think things would have become much clearer… that, unfortunately, has not been the case. Things are still as confusing as ever and not every business is fully aware of the implications of GDPR on their backup and disaster recovery solution. At Backup Systems we want to shine a light on a number of these implications and enable you to create a bulletproof strategy.
Failing to create a working backup
Under the legislation, if your business fails to produce a working backup in the event of a disaster is considered the same as leaving a USB stick with all your vital data on a train. All companies handling customer data should have a solution that can restore access to “personal data in a timely manner in event of a physical or technical incident”. Companies that don’t meet these criteria can be at serious risk of IOC fines.
Physical tape & disc backups
Tape has saved many companies in the past but GDPR is making it harder and harder for companies to rely on this outdated strategy. Some reasons you may be worried if you currently rely on tape include, tapes being lost or in case of total loss the tape may no longer work on the replacement drive but the main area in which tapes just don’t measure up is around the “right to be forgotten”.
When you backup all your customer records on tape it can prove to be extremely challenging to remove their data from those tapes but simply stating it takes too long is not a good enough defence. The IOC has stated that,
“It should be noted that data protection law is technology-neutral. Merely because it may be considered ‘technically difficult’ to comply with some of its requirements does not mean organisations can ignore their obligations.”
So it makes sense to rely on a backup solution that gives you quick access to the information you need to remove and allows you to do so without potentially corrupting an entire tape.
Outsourcing and GDPR
For many businesses, the implications of GDPR on backup is a potential minefield. Most IT teams are already over-stretched and placing the additional burden of backup in a post GDPR world can seem risky. That’s why many organisations have opted to outsource their backup and disaster recovery to an expert.
Backup Systems provide you with a screenshot of your data each morning, meaning you are given access to your data in a timely manner each and every day. Our solution keeps your data on your network, never leaving your control and our fully automated service requires no intervention from your IT team reducing the risk of human errors. Our expert team are on hand 24/7 to provide you with constant support.
If you want to learn more about our managed service and how we could help you mitigate the risks of GDPR, then download our managed service guide.