The laws behind data protection have always been complicated to say the least. With many laws contradicting one another depending on the type of company, type of industry, type of data, use of data and age of data. The complex rules and regulations often leave companies protecting their data incorrectly, or worse still they do nothing, and take no steps to protect their data or to comply with the Freedom of Information Act. This can leave them wide open to both fines and punishments from a number of governing and regulatory bodies.
As an online backup and disaster recovery company, we are very often asked by customers if we are able to help them to comply with these rules and regulations, enforced on them by the DPA and FoIA. Not only can we help companies in this situation, but we can actually make it easier for them to abide by these regulations, lifting the weight of responsibility.
There are a number of features within our Asigra software that make compliance very straightforward when compared to traditional tape solutions. For example, as part of the DPA any details that could be used to identify an employee, customer and / or client must be stored securely and not accessible to the public. Our system is able to store data using two 256bit encryption keys, with all encryption occurring before any data is transferred to our secure UK data centres in Manchester and London.
With built in encryption, automatic offsite backups and long term storage via retention rules our solutions conform with each aspect of the DPA automatically.
The ‘take home’ with the FoIA is that all public bodies must (in certain circumstances) release the data it holds upon request. The requested data can be historical information dating back any number of years. Utilising Asigra’s retention policies we can ensure that our client’s data is stored securely off site, for the length of time that is needed, recoverable at any point in time, should a valid request for data arise.
While these steps may seem simple and easy to follow, the number of public bodies that are falling short of these legal requirements is worryingly large.