USE CASE BRIEF SUPPORTING REGULATORY COMPLIANCE Reduce Your Risk and Drive Down Cost KEYS TO STAYING IN COMPLIANCE New strategies are needed to increase visibility and productivity, while reducing risk and overall costs. • Protect unstructured, file-based data by consolidating it in a secure, well-managed storage device. • • ssess risks by gaining a complete picture A of your data: where it is, who has access to it, and what it contains. onitor user activity – file reads, M writes, updates, and deletes – to identify suspicious patterns. • Deploy data-aware appliances to monitor and analyze data at the point of storage. WHERE IS YOUR DATA MOST AT RISK? Managing the Risks to Your Data Most organizations are subject to a variety of federal and state laws, industry regulations and internally-defined policies governing the use and handling of sensitive and confidential data. With growing security threats, sizable fines for non-compliance and breaches making headlines, ignoring the problem is no longer an option. While the headlines focus on household names, small and mid-size organizations suffer just as many breaches, and need to address this growing concern. Limiting access to sensitive data and knowing who is accessing it are at the core of every data privacy mandate, yet achieving these goals can be challenging, complex and expensive. Many regulations are not prescriptive in nature, are subject to broad interpretation, and require a great amount of effort and resources to implement. The result- an incomplete understanding of an organization’s risk profile and IT managers that are forced to take short cuts. Available resources are prioritized to policing clients and mobile devices, strengthening authentication and the network perimeter, leaving the bulk of the IT infrastructure vulnerable. Small organizations and businesses, subject to the same legal frameworks as large enterprises, are often the most exposed. To better address security concerns across the enterprise, organizations must first harden their underlying data center infrastructure with simple, resource-efficient storage solutions that automate risk exposure analysis and user access auditing. The Downside of Poor Compliance Management • High risk of exposure and breach While database and application security is important, today’s data centers are comprised of up to 70% virtualized workloads and 80% file-based data. • A lack of awareness and understanding of the company’s real risk • Intensive, manual efforts to support audits and prove compliance • Disruption and lost productivity due to breach investigation, remediation and notification • Fines, lawsuits and lost revenues Rein in Cost, Reduce Risks Meeting compliance requirements often exhausts available budgets due to the high cost of external consultants, professional services and implementation overhead. This is especially true in mid-size organizations that lack the skills and resources needed to implement a comprehensive compliance program. In addition, intrusive monitoring and analytics software layered across the infrastructure inhibits performance and requires ongoing maintenance. The DataGravity Discovery Series addresses these concerns by allowing IT organizations to more effectively comply with data security and privacy regulations and policies without hiring additional staff. Based on a patented architecture, DataGravity is a data-aware storage platform, analyzing stored content for sensitive and confidential data, recording user access as it happens, and correlating and indexing content for easy search and discovery. With DataGravity, you can quickly identify out-of-compliance files and who may have accessed them, execute ad hoc queries for forensics and auditing, and simply export user access audit reports. “Classic storage systems have little to no idea about the precise nature of the data that lives inside them. It’s why additional applications have to be layered on top to extract any intelligence about the actual information residing in the system for data e-discovery, compliance and security purposes.” SIMON ROBINSON 451 Research CONFIDENTLY MEET YOUR STRINGENT REQUIREMENTS The Discovery Series is a storage appliance that helps you to easily and efficiently uncover compliance issues hidden in files throughout your virtualized and physical infrastructure. With a built-in analytics co-processing engine, the system analyzes file content and records all users’ file activities automatically, without additional software to install or manage, and without impacting your production environment. DataGravity helps you: • Proactively find sensitive and confidential data without impacting your operations and data usage • Quickly • Track • Accelerate data access and usage across all files within the system • Meet regulatory audits mandates with built-in access and activity logs and user access profiles 6x assess exposure risk by knowing who has accessed your data and when they accessed it responsiveness with proactive alerting and exportable violation reporting Businesses with less than 5,000 people currently pay up to 6X more per employee on compliance compared to larger businesses. DataGravity helps keep your company in compliance, providing unmatched visibility into your content and its user access history. The cost of a non-compliance event can exceed the cost of compliance by 2.5X. MINIMIZE THE RISKS TO YOUR ORGANIZATION For organizations with strict compliance requirements, DataGravity helps: •Achieve a more reliable and repeatable process of compliance enforcement •Reduce exposure of the organization’s most at-risk data •Meet regulatory audit mandates with built-in access and activity logs and user access profiles •Increase productivity, simplify procedures, and lower costs 100 Innovative Way, Suite 3410 Nashua, NH 03062 603.943.8500 [email protected] datagravity.com Decrease the liabilities embedded within your data with DataGravity. DATAGRAVITY @DATAGRAVITYINC DATAGRAVITY ©Copyright 2015 DataGravity, Inc. All Rights Reserved. DataGravity believes the information in this document is accurate as of its publication date. The information is subject to change without notice. All other trademarks used herein are the property of their respective owners. UC_supportreg_20150402 FOR MORE INFORMATION, GO TO DATAGRAVITY.COM