Commvault Urges Businesses to Prepare Now for EU GDPR

Commvault, a provider of software for enterprise backup, recovery, archive and the cloud, is urging businesses to prepare now for EU GDPR.

Businesses need to act now for the arrival of the EU GDPR compliance regulations, or risk being among the first to be penalized when the regulations take effect in 12 months’ time, according to the vendor, which contends that corporate complacency is one of the biggest barriers to GDPR compliance with many organizations yet to implement either suitable processes or technology.

With instances of intrusions such as ransomware and leakware on the rise, failure to implement a secure data management platform can result in organizations facing damaging financial penalties.

Described as the toughest piece of privacy regulation in the world, and the most significant privacy regulation update since 1995 when the original Data Protection Directive was launched, GDPR was passed in April 2016 and will take effect on May 25, 2018. It is designed to transfer power back to individuals in how their data is processed and has implications for any global organization that manages personal information of EU citizens.

EU GDPR has been on the radar of European countries for a while now, but not many organizations are actually taking steps to become compliant, said N. Robert Hammer, chairman, president and CEO, Commvault. Noting that no one wants to be the “poster child” for the penalties laid out by the regulations, Hammer said that there is still time for organizations to ensure compliance in advance of the May 2018 deadline.

According to Commvault, it can help companies meet specific articles and principles of GDPR, including the right to be forgotten, data protection by design and by default, ensuring ongoing confidentiality, integrity, availability and resilience, 72-hour data breach notification, data minimization principle, data transfers and portability, and more. To tackle these specifications from GDPR, the Commvault Data Platform indexes content from the data that it touches, uniquely providing a single point for organizations to locate Personally Identifiable Information in unstructured data, whether in backups, archives, core enterprise, private and public cloud environments, and also in Endpoint Protection.

The Commvault Data Platform has been built with security in mind and provides organizations with the ability to identify, mitigate, and recover from cyberattacks. Commvault utilizes sophisticated intrusion detection software to enable organizations to recognize threats such as ransomware, or the lesser-known leakware, which exposes personal customer data to the public unless a ransom is paid. By being aware of ongoing threats, companies are better able to protect Personally Identifiable Information and maintain GDPR compliance - even when vital systems are under attack.

The new legislation includes the new “data protection officer” concept, which is a role to monitor compliance, and it can be filled by someone from the company staff or by an outsourced vendor. 

For more information, go to