With a product announcement this week, data protection company Druva aims to give enterprises assistance with managing the sometimes-conflicting aims of leveraging new technology for greater efficiency, while still remaining safe and secure in terms of data protection. So what has Druva got in the pipeline now?
Utilized by more than 3,000 organizations around the world and protecting data on a reported 3 million devices, Druva is all about data protection for the mobile workforce. What that means is that Druva takes care of backup and availability of data, alongside broad governance. Druva's product aims to ensure that specific data remains within the confines of your organization, while other data can be shared externally. Druva then sits in two camps - both the data backup and recovery space and the endpoint security space. These two worlds are increasingly coming together, and Druva is an example of this trend.
It is this second space, that of data governance, that sees some love this week as Druva tolls out the inSync Proactive Compliance Solution. This mouthful of a product name is an enhancement to Druva's inSync offering and helps to address ongoing challenges around protecting and governing data, especially given the move towards broader mobile adoption. What the offering does is extend the existing compliance functionality and help customers identify and act upon data risks across cloud services and mobile devices. According to Druva, the new offering creates something novel, a single platform that includes data availability – backup, restore, archival and share and now governance – which included compliance, search and audit and legal holds/eDiscovery. Other vendors might argue about just how unique the offering is, but nonetheless it is a pragmatic reaction to some real pain that IT departments feel.
"The modern enterprise is a mobile one, with more employees working from remote offices, homes and coffee shops. Once upon a time, VPNs and the data center provided data protection with the ability to backup and restore information to ensure its legal or regulatory compliance," said Jaspreet Singh, CEO of Druva. "This dispersed data landscape, with so much data outside the firewall, limits any business' ability to protect and control how data is accessed and used."
Given that growing proportions of enterprise data now sit outside of the organizational firewall and exists in a state of flux in and among cloud applications, cloud storage, and a plethora of devices, enforcing governance is getting increasingly difficult. IT departments need to locate, track, monitor, and preserve sensitive data, all without eating into the utility that these more flexible IT approaches can deliver. Add in the increasing number of industry-specific regulations that organizations need to contend with (HIPAA, PCI DSS, FACTA/FCRA, GLBA, COPPA) and you have some pretty stressful times in enterprise land. Some food for thought that highlights this issue, a Thomson Reuters survey of nearly 600 financial services firms indicates that almost 70% of respondents are expecting an increase in their compliance budget this year.
So, how is Druva helping with these problems? The Druva approach is to centralize visibility and control of business data that resides on employees' desktops, laptops, tablets and smartphones via integrated endpoint backup, data loss prevention, IT-managed file sharing and data governance controls. Druva continually mirrors end-user data, which enables data recovery for lost or stolen devices, allows remote user access to any file or folder from any device, and addresses eDiscovery support, compliance and forensics needs. According to the company, the primary components of the inSync Proactive Compliance Solution include:
- Proactive compliance capabilities address the growing challenges faced by enterprises around data tracking and monitoring to meet regulatory requirements. With proactive compliance, enterprises can track, monitor and be alerted of potential data risks associated with Personal Healthcare Information (PHI), Personal Credit Information (PCI), Personally Identifiable Information (PII) and Intellectual Property (IP) across both cloud services and end-user devices.
- Single monitoring dashboard: Compliance, security and legal teams have an easily navigable federated, drill-down, view; by data source, compliance risk type, risk level, user as well as other pertinent information to investigate infractions and make quick assessments.
- Pre-defined, customizable compliance templates: Organizations can select from a collection of pre-defined compliance regulation templates (ex. HIPAA, GLBA, PCI) or customize their own, and inSync will automatically scan, identify and classify risks and alert as necessary.
- Investigative searching: Companies that regularly conduct internal investigations or need to identify sensitive materials (HR data, IP, financial records) can utilize inSync's new federated deep-search capabilities, across both cloud and mobile devices, to pinpoint the data source and location across their end-user data.
- Legal authenticity and admissibility enables companies to ensure the integrity of their data for both compliance and legal needs by capturing extended meta data and creating a unique signature for every file in the system. In doing so, inSync is able to provide an auditable trail of a file's history and a litmus test for its unmodified integrity.
Data governance is an increasingly difficult challenge to solve. The formerly siloed worlds of data protection (backup, disaster recovery, etc.) and governance (auditing, control, visibility) need to become closer in order to help organizations take advantage of the benefits of new technology without greatly increasing the risks they face. This approach that Druva is taking, of bringing these worlds closer together, will increasingly be seen as the norm.
This article is published as part of the IDG Contributor Network. Want to Join?