Protecting the data stored in database backups is not only for recovery purposes, it also helps to ensure that the data does not fall into the wrong hands. Organisations located in the EU need to use extra protections to avoid security threats and ensure the privacy of the digital data kept in their systems.
The EU General Data Protection Act (GDPR) dictates all owners of the system are responsible for protecting any data processed and stored by their organisation. Failing to comply with the terms may lead to a hefty penalty.
To adhere to the compliance, Backup Ninja uses advanced encryption algorithms to encrypt database backups and only transmits encrypted backups to cloud storage. Backup Ninja offers the ability to store your backups in the country of your choice so that you know your data is protected by local law.
General Data Protection Regulation (GDPR) is a set of rules for the EU citizens to protect and have control over their personal data when stored by any organisation. Any company which collects and stores data related to the people of the EU is required to comply with this regulation.
With GDPR enforced, any organisation who collects, stores, and disseminates personal data are responsible for its processing, protection, and any misappropriation of the gathered data. GDPR compliance also requires the organisation also has to respect the rights of the owners of the data. Violating the security and privacy terms by GDPR will result in penalties reaching into the tens of millions of euros.
Any data centre located in European Union(EU) is required to comply with the GDPR act. Article 17, ‘Right to be Forgotten’ in the EU GDPR talks about how the data subject has the right to request to remove data from any system. Many users believe, once a request to delete is made, data is deleted from all repositories, including the database backups stored in a different location. However, this may not always be true unless the data centres are bound by the data protection regulations of the country to protect the sovereignty of your data.
EU-based vendors and cloud providers with data centers within Europe must protect their network, systems, and devices from any unauthorised access to data as part of their compliance to GDPR. Appropriate data encryption methods for both in-transit and at-rest should be in place to avoid further security threats during data communication.