GDPR will be here before we realize it, so let’s look at ways that BMC Software’s Recovery Solutions for Db2 and IMS not only help you comply with GDPR, but also help to ensure that your business stays out of the news for all the wrong reasons.
The regulations say that companies must be able to:
… restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
Note:
- The restoration of data and access to it must be completed in a “timely” manner. Timely is not specifically defined, but you can read it as meaning “as quickly as technically possible.”
- The data must be recoverable after ANY physical OR technical incident.
Many companies believe that their disaster recovery plan with disk mirroring will suffice, but it’s likely to be insufficient for a couple of reasons:
- Any changes made to the original data will immediately be reflected in a change at the mirror. So, any accidental (or worse, malicious) deletion or update of data will itself be mirrored, and the mirror backup then becomes useless as a recovery mechanism. If this is your ONLY backup, then you may not be able to recover the data at all.
- A catastrophic data loss of the kind that mirroring is ideally placed to protect against is by far the least likely event to occur. Human error, sabotage, or plain stupidity are all far more likely to be the source of your data recovery challenges. These will require a LOCAL recovery (or correction) of the data – and a mirrored device strategy is NOT the best choice here.
To fully comply with GDPR’s insistence on timely recovery from any eventuality, companies will need to have flexible recovery plans in order to react to any data corruption/loss event.
Remember, experience (and other people’s misfortune) shows us that your recovery challenge is likely to arise due to a COMBINATION of events leading to data loss or corruption. A combination of events makes it impossible to plan a recovery technique in advance. A software recovery solution is your best choice, as only a software-based strategy can give you total flexibility AND the ability to refine the strategy should you ever have to perform a recovery for real.
BMC provides the fastest utilities available for both securing backups and performing data recoveries, the latter ensuring that your company complies with the “timeliness” directive of GDPR. Your own auditors will define what “timely” means for your company, but you are going to need to restore access to the data as fast as possible.
BMC has you covered with:
- A software-based recovery solution enabling data to be recovered no matter what the originating incident(s)
- Creation of all the steps necessary to perform that recovery, eliminating the “think” time that will slow down recovery efforts
- The fastest recovery tools on the market for both Db2 and IMS
Remember, GDPR comes with sanctions. Failure to comply with GDPR can ultimately result in a fine of up to 4% of annual GLOBAL REVENUE or €20 MILLION, whichever is the HIGHER (and at today’s exchange rates, that latter figure is a little over $22 million!).
Next time, I will look at the GDPR requirement to continually demonstrate compliance with data availability and recoverability. Continued testing and validation must be performed to ensure that changes do not compromise compliance. Of course, it goes without saying that BMC has your back there as well.
In the meantime, for those of you who are impatient to get started, please visit the GDPR pages on the BMC website at www.bmc.com/info/mainframe-gdpr.html
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.