Data Privacy: Coming To A Country Near You?

In the US, we do not tend to think much about data privacy in the workplace.  We generally default to a belief that our employer owns the network and devices, so it has  the legal right to store, process (and view) the content that we create – even email messages.  But those rules are not the same in many other areas of the world, particularly in the European Union.  And many organizations with operations outside of the US may soon find themselves in the middle of a clash of cultures.

In the EU, personal data – which is broadly defined — is subject to the EU’s data privacy directive.  Personal data cannot be processed or transferred outside the EU area, such as to the US, without an “adequate safeguard”.  In practice, this means that everyday IT operations such as archiving, backup and even transfers between data storage devices (such as tiering) must have an “adequate safeguard” if data is moving from the EU to the US.

Most organizations in this situation have relied on a relatively straightforward Safe Harbor self-certification to meet the “adequate safeguard” requirement.  But recent developments, including news of the NSA’s surveillance operations, have put the Safe Harbor at risk, with some calling for its repeal.  In addition, German data protection authorities are already limiting the Safe Harbor exception.  These developments may require many organizations to find a new safeguard from limited options:  either Model Contracts or Binding Corporate Rules, both of which are more complex and difficult to implement in practice.

Of course, many organizations have long relied upon a third option — the unofficial “head in the sand” exception where transfers are made without any recognized safeguard in place.  Generally speaking, enforcement of the data privacy directive has been sporadic. But even that may be changing, with proposed changes to the privacy directive enabling fines of up to 2% of global revenue for violators.  That threat could force many “head in the sand” users into strict compliance.

For now, the Safe Harbor remains in place.  With the recent activity, it’s probably a good idea to run an internal audit to confirm your organization’s compliance.  As the EU becomes even more aggressive in this area, many organizations will need to strike a better balance between the lax privacy requirements of the US and an increasingly strong privacy regime in the EU.

Jim Shook

Jim Shook

Director, eDiscovery and Compliance Field Practice, Data Protection and Availability Division
I am a long-time “lawyer/technlogist”, having learned assembly language on a TRS-80 at age 12 and later a degree in Computer Science. But the law always fascinated me, and after being a litigator and general counsel for over 10 years, the challenges that technology brought to the law and compliance let me combine my favorite pursuits. I spend my days helping EMC’s customers understand their legal and compliance obligations, and then how to apply technology and best practices to meet them.

Backup to the Future with VSPEX

Our Backup to the Future launch event was awesome. More than 23,500 of you (and counting) have viewed the event since  July 10, and many of you have asked questions of our experts.

And what’s great is that all the products we announced, including the new midrange Data Domain Systems and the updates to EMC Data Protection Suite (Avamar 7, NetWorker 8.1) will be available with VSPEX Proven Infrastructures this quarter.


Why is this important?

EMC backup supercharges the VSPEX value prop. You’ll be able to complete backups within windows (up to 90% less time required) and data will be recoverable (via our Data Invulnerability Architecture).

Without backup as a bottleneck (or worry), you’ll have the confidence to go full speed with virtualization – and do more. More virtualization… more app rollouts… more IT projects that drive revenue. And this means more free time for you. Win-win!

One last thing…

Customers who deploy EMC Backup see onaverage a 7 month payback and if they’ve consolidated backup and archive workloads on DataDomain, a 6 month or less payback.

That’s real money that keeps accruing to the bottom line after just two quarters. It’s a backup future anyone can like.


Mark Doncov
I’ve spent most of the seven years I’ve been at EMC on backup. Currently, I work on category and solution marketing initiatives in EMC’s Backup Recovery Systems division. In short, this means I focus on the “why” for EMC Backup, not the “what”; I leave the bits and bytes to the product teams. Over the years, I’ve seen big changes in the backup world. I will be looking at these – and the even bigger ones that lie ahead - here on The Backup Window and other social channels.

Who’s the Conductor of Your Backups?

I am fortunate to have two musical children who are both very talented at their respective instruments. When they play or practice alone they are able to control the tempo and volume of the piece independently. However put them with others in an orchestra and suddenly they need to coordinate not only their tempo, but with that of their section and other instruments. This would be impossible without the conductor.

The conductor has visibility to all the scores of music, they are able to bring in and fade out sections of instruments to achieve a perfect balance. Much the same as a backup administrator should be able to do. The backup admin perhaps does not have the individual skill to backup the Oracle Database, or the Exchange Database. Or perhaps does not have the precise tool to backup the virtual servers.

To read the full post on our sister site Thought Feast, click here.

Mark Galpin

Mark Galpin

EMEA Product Marketing, Data Protection and Availability Division
As a product marketing lead based in Guildford, Surrey, I'm often seen presenting to EMC’s partners and end users at various events across Europe. I have over 20 years experience in the storage market, largely gained in the financial and legal sectors, including PaineWebber, part of UBS, and Clifford Chance, the international legal practice, where I was the storage manager for a number of years. But I've also held had product marketing stints at Quantum and previously at EMC. I'm married with two children and live in Guildford, Surrey.

A “Two-In, Two-Out Rule” for Data Protection?


There’s a common operating practice in firefighting called the two-in, two-out rule. It’s a backup plan for firefighters.

Two-in establishes common operating procedures for firefighters inside hazard areas (e.g., firefighters operate must operate in a Buddy System); two-out pairs the inside team with an outside team for additional protection.

For the rule to work, communication between inside and outside teams is critical. Two-in teams have to maintain voice or visual contact with each other at all times, and one person on the two-out team is accountable for its two-in team at all times.

The other member can take on additional responsibilities at the scene but can’t take on tasks that are critical to the safety and health of any other firefighter.

There’s no room for communication gaps. The stakes are too high.

So, what if there was some sort of two-in, two-out rule for IT? What would the rules be? What would the teams look like? How would the rules affect common IT operating practices? What would the effects be on your business?

Over the next few posts, we’ll explore these questions. We’ll look at the communication gap that exists today between IT teams and, importantly, between IT teams and the business, we’ll define the teams and we’ll establish some rules of engagement in and among these teams.

And, lastly, we’ll look at some of the tools (products, architectures, etc.) organizations can leverage to help bridge some of gaps within their organizations.

Why do this? That’s simple: Transformation is going to happen with or without you.

So, who’s got your back?

Heidi Biggar

Heidi Biggar

Marketing and IT Consultant, Data Protection and Availability Division at EMC Corporation
I’m often asked how a political science major at Tufts wound up in the IT world, covering backup, storage, virtualization and cloud of all things. Truth is, it’s really a love for learning, a need to understand the “bigger picture” and a desire to share that view with others that’s steered my path over the past 20 years, from campaign manager to editor, analyst and marketer. After hours, you’ll find me hanging with family, running 10ks through Peachtree City’s 90 miles of cart paths, watching football or reading. I’m a New England transplant enjoying life in the South. In my previous life, I also blogged for ComputerWorld, Enterprise Strategy Group and Hitachi Data Systems, but The Backup Window is my baby. It's been great watching it evolve.

App Integrations That Will Make You Want to Sing and Dance!

Last week on The Backup Window, we talked about the new bigger, better, faster, stronger Data Domain systems. While Caitlin was rocking out to Kanye, I had the cheesy tune “We Go Together” from Grease stuck in my head.  In addition to the new systems, we expanded Data Domain archive storage capabilities and further enhanced application integration. So, Data Domain works better than ever with a variety of data sources and applications, like a perfectly choreographed musical and that’s the way it should be!

Optimized Archive Storage

Data Domain systems are the ideal protection storage platform for backup and archive data and the benefits of consolidating backup and archive are pretty impressive, see for yourself in this white paper and infographic from IDC. Simply put, they go together like rama lama lama da dinga da dinga dong. (I’m pretty sure that’s what Danny and Sandy were referring to.)

With this launch, we’ve enhanced Data Domain systems to support archive environments in two key ways: lowered the $/GB and expanded the ecosystem. First, the significant $/GB savings offered by the new generation of Data Domain systems enables you to leverage Data Domain as a dedicated archive storage platform. Using Data Domain systems for archive storage greatly reduces storage costs while still meeting both US and international compliance regulations.

In addition, we have continued to expand the archive partner ecosystem, with new support for OpenText, an industry leader in content management archiving software and Dell Archive Manager for email archiving. With the newest additions in this release, Data Domain systems now support 20 different archiving applications for file/email, content management, database, and storage tiering use cases. This offers the flexibility to protect your archive data on a Data Domain system with the industry leading application that best fits your needs.

Data Domain Ecosystem


Enhanced Application Integration

Data Domain systems and enterprise applications such as Oracle, SAP as well as backup applications like Avamar, and NetWorker are made for each other like wop baba lumop a wap bam boom and continue to integrate seamlessly with these exciting new updates.

Direct SAP HANA Backup

Data Domain systems now support direct backup from SAP HANA Studio via NFS – enabling SAP HANA DBAs to leverage efficient protection storage while maintaining control of backup processes. Data Domain systems significantly reduce HANA backup storage requirements and provide faster, secure network-efficient for disaster recovery.

Data Domain Boost Enhancements

Here’s the latest Data Domain Boost ecosystem – where we’ve enhanced 3 of our 8 existing integrations – Avamar, NetWorker and Oracle RMAN.

Data Domain Boost Ecosystem

With the latest enhancements to DD Boost for Oracle RMAN, DD Boost can backup Oracle Exadata giving Oracle DBAs the ability to control Data Domain replication with full RMAN catalog awareness. It’s one of a kind like dip dadip dadip doowop da doobee doo!

SAP DBAs who run SAP on an Oracle database can also now leverage DD Boost for RMAN to backup and replicate SAP using BR*Tools. This provides faster, more efficient SAP backup and keeps backup and DR control in the hands of SAP application owners.

With the launch of Avamar 7, DD Boost for Avamar can support all data center use cases with the addition of NAS (via NDMP) and file systems support. In addition, Avamar 7 introduces a new feature called ‘VM Instant Access’, which enables VM images that are backed up with Avamar to Data Domain, to be accessed instantly and run from the Data Domain system. This provides the end user access to a VM in under 2 minutes, enabling access when they cannot wait for a full restore.

In addition, EMC NetWorker 8.1 introduces support for Data Domain Boost over Fibre Channel enabling 50% faster backups in SAN environments. NetWorker has also added support for DD Boost ‘Virtual Synthetic Backups’ for file systems and new feature called “immediate cloning” that improves time-to-DR readiness using NetWorker’s Clone Controlled Replication.

With all of the advancements to Data Domain systems and the Data Protection Suite, you can finally sit back and drive off into the sunset knowing that your data is properly protected.


Alyson Langon
A couple years ago, fresh out of Business School at Boston College, I started at EMC and dove head first into all things backup and archive, focusing on Data Domain systems. I love the challenge of communicating complicated technologies in innovative and engaging ways and there is certainly no shortage of inspiration at EMC’s Data Protection and Availability Division. Outside of the tech world, I am an artist, animal lover and sufferer of wanderlust. You can also find me on Twitter achieving the perfect balance of data protection and cat gifs.