Planning for a more privacy-preserving future
CXOToday has engaged in an exclusive interview with Mr. Balaji Rao, Area Vice President, India & SAARC, Commvault
How has the data privacy landscape changed with the onset of pandemic?
If there are one thing that pandemic highlighted the most – it was the power of digitalization. As such, the dependency on data sky-rocketed, simultaneously opening a pandora’s box of malignant cyber-threats to our economy. For organizations, accelerated digitalization created several opportunities along with unseen vulnerabilities, leading to an increase in breaches and this trend is set to continue. As the world becomes more interconnected, privacy and data protection measures have become a vital consideration for enterprises to ensuing frequent data breaches. With the current pace of technological advances and innovation, it is important for companies to be mindful of relevant legislation and regulations on the horizon to address the pressing privacy and data challenges facing business operations everywhere. India is currently undergoing a stellar digital overhaul, and this has resulted in a growing demand amongst consumers for a solid system safeguarding their digital privacy. The government of India is enabling an ecosystem of securing the personal data with the new Digital Personal Data Protection Bill. As such, enterprises must align their pursuits and policies adhering to an individual’s right to protect their personal data and process data for lawful purposes. This will eventually lead to India’s transformation into a digitally empowered, fair and transparent economy.
What are some of the prominent data privacy challenges currently faced in India?
In today’s world of data sprawl, with rising data security threats, and increasing data regulations, the stakes have never been higher. One of the primary challenges with data privacy is an enterprise’s assumption on ‘how ready are they!”. Data privacy, whether driven by DPDB in India or any of the global legislations in other countries, is just the right thing to do and should be treated as a cornerstone of an enterprise’s data management strategy. With changing expectations for the collection, storage and handling of personal data, enterprises need to let go of their existing assumptions and correct measure their regulatory readiness.
To rightly manage personal and sensitive data per the regulatory norms, you first have to know where it resides. This is difficult when you’re dealing with a lot of siloed unstructured data like emails and documents, which is the case for more organizations today. At the same time, you must be ready to respond to a potentially huge influx of data subject requests regarding the data you’ve been gathering, including requests to erase personal data – all within expected time frames.
As one of the biggest tech-driven economies, India has also been privy a hotbed for cyber threats. According to the Indian Computer Emergency Response Team (CERT-In), there has been an increase in ransomware incidents in India by 51% in 2022-H1 compared to 2021. Legacy data protection environments were never built for the petabyte-scale of data, the cloud-native world, or the new data sources and workloads. And without suitable optimization, they cannot meet modern requirements such as granular/fast recovery, compliance with tougher regulations s, protection of data across edge to the cloud, or resilience against new threats from inside and outside the organization such as ransomware and accidental deletions.
Why is there a need for strong information security framework in today’s era?
Digital trust, resilience, and availability are the hallmarks of a digitally transformed enterprise. With data underpinning these hallmarks, it’s no surprise that data protection and governance are becoming much more strategic and a boardroom priority.
With the massive data sprawl, IT teams have more data than ever to protect – all living in unique locations. As data sprawls across edge, on-prem, cloud, and SaaS apps, wrangling and safeguarding this data is increasingly challenging. To secure the data deluge, organizations need a comprehensive data protection framework that breaks down silos, enabling a single view protection of individual endpoints (laptops and desktops in remote locations); on-prem and in-the-cloud databases; and data residing in different public and hybrid clouds.
Furthermore, cyberattacks are becoming increasingly sophisticated, with attacks targeting backup copies first. Without a modern data protection framework, which offers additional layers of security, such as air gaps and immutability, it would be impossible to safeguard the data, support compliance and governance, as well as build digital trust towards an economy.
Safeguarding your data is akin to protecting your integrity and a strong information security framework reduces the risk of internal and external attacks on information technology systems. They also protect sensitive data from hacks, allows for immediate and impenetrable backups, therefore ensuring business growth and continuity. With the onset of the new Digital Personal Data Protection Bill, India is paving the way for a strengthened ecosystem with ease in flow of data and increased penalties for breaches.
How can intelligent data services help businesses protect their critical assets and reputation?
Digital transformation changes everything when it comes to data. Data and workloads have evolved over time, leading to a multi-generational data sprawl that introduces multiple risks to the businesses. Collectively, this set of risks form a Business Integrity Gap, the gap between where organizations’ data environments are today, hampered by the challenges of data sprawl, and where their data environments should be in order to thrive, accelerate, and digitally transform themselves.
A sophisticated and robust intelligent data service platform enable organizations to proactively simplify and manage the complexity of enterprise data, accelerating growth and helping ensure the fundamental integrity of their business. A powerful intelligent data services platform is future proof, and has the ability to adapt to all your data needs –data management, data security, data compliance, data transformation, and data insights, across hybrid clouds, multi-clouds, on-premises and everywhere in between.
It has and will adapt to your data management needs so that no matter what technology you are going to use next, you can effectively and consistently manage that technology and all your data associated with it.
Data residing in organizations is often siloed and fragmented – intelligent data service platform helps businesses seamlessly transform their data strategy around how you protect, store, and use that data. Incorporated with artificial intelligence and machine-learning, the multi-layered security that the platform offers further help businesses to mitigate the risk of ransomware occurrences and help accelerate data recovery efforts, in the event a ransomware attack does get through
Commvault Intelligent Data service platform goes one step ahead, offerings enterprises the ‘power of AND’—the ability to extend between on-premises and cloud with a single integrated solution, harnessing the true value of enterprise data.
How Commvault helps in remediating data risks and helps in focusing on organisation’s broader governance strategy?
If you can’t see your data, you can’t comply with regulatory norms- It is as simple as that!
As the worlds of IT, security, governance, and political cultures continue to collide, a multi-vendor IT and security solutions makes things harder, not simpler for businesses. Instead, businesses need a unified architecture and approach to protect data of employees, customers, and constituents, avoiding massive data sprawls.
Implementing a more comprehensive Intelligent Data Management platform helps IT and security leaders look across their entire ecosystem to identify data sources, and simplify data organization, regardless of where it is located and how it is managed. This enables businesses to spot anomalous activity and vulnerabilities, remediate risks, reduce redundant data, and implement automated policies to protect data and work towards meeting national and global privacy regulations and compliance requirements.
Commvault’s Intelligent Data Services Platform delivers the best approach to mitigating exposure and risk today and to be ready for this ever-evolving global regulatory environment and relentless threat landscape. While technology plays a critical role, intelligently managing data privacy and risk starts with establishing a cross-functional team of data-minded experts and partners to develop a plan and execute on a tailored strategy per the business needs. At Commvault, we have a legacy of 26 years of helping customers tackle these challenges successfully and we continue to do so every day.