Zadara Storage Cloud and VPSA Services Provide the Foundation for GDPR Compliant Data Centres
Zadara®, a worldwide provider of enterprise-class storage-as-a-service (STaaS), today announced that its award-winning Zadara Storage Cloud and VPSA® services adhere to the European Union’s new General Data Protection Regulation (GDPR). With this announcement, corporate enterprises, service providers and other entities doing business worldwide have a simplified path to completing their own compliance with the requirements of the regulation.
The GDPR (Regulation EU 2016/679) is a new European privacy law, due to become enforceable on May 25, 2018, that protects European Union (EU) citizens’ right to privacy. It introduces robust requirements that will raise standards for personal data privacy, protection, security, and compliance. The GDPR will replace the existing EU Data Protection Directive, and is intended to harmonise data protection laws throughout the EU. The regulation is the most significant and broad reform to data protection law in 20 years, and will globally impact all organisations processing EU subjects data. Organisations who fail to comply will be subjected to large fines.
Zadara Storage Cloud and VPSA Services offer a wide set of controls to assist customers with their own GDPR compliance.
- Highest level of physical security with biometric locks on Zadara’s equipment cages
- Strict role-based access control
- Secured management communication that is always encrypted
- Data at-rest encryption with customer-owned keys
- Data in-flight encryption for any data movement
- Robust identity management with dual-factor authentication
- Customers can select the region where the data is kept
- Multi-tenancy with complete networking and resource separation among tenants
- Data deletion and drive shredding when the data is to be removed
In addition, Zadara conducts ongoing security testing of its Zadara Storage Cloud and VPSA Services. Zadara maintains security certifications such as ISO 27001, SOC 2 Type 2, and HIPAA. These certifications and audit reports can be used for customers risk assessments and help them determine that the proper security measures are in place. Zadara trains all employees on data privacy, to have them aware of Personally Identifiable Information (PII) sensitivity, and the company commitment to be GDPR compliant.
“Zadara has always considered data protection and data privacy to be a number one priority, and has designed these features into its underlying architecture,” said Oded Kellner, vice president of product management and data protection officer at Zadara. “GDPR is now forcing companies worldwide to rethink their internal infrastructure and processes. We are pleased to be taking a leadership position by offering our customers a GDPR-compliant foundation upon which their entire IT operation can be built.”