Druva Doubles Down on Governance With Proactive Compliance for Enterprise

Druva, Inc. unveiled inSync Proactive Compliance, a offering for its inSync product that takes a proactive approach to address data governance challenges within the increasingly mobile workforce.

Included in the inSync Elite+ plan, the company offers deep search, auditing and automated data scanning capabilities, enabling enterprises to quickly and proactively identify and act upon data risks across cloud services and endpoint devices. Company’s converged data protection approach allows enterprises to achieve something that was previously difficult to attain and was cost prohibitive due to data siloes. Druva offers a single platform that converges data availability – backup, restore, and share and now comprehensive governance – compliance, archival/search and audit – across entire end-user information on endpoints and cloud.

“Once upon a time, data was centralised in the data centre and kept compliant with data regulations and enterprise policies. The modern enterprise is mobile first, with more employees relying on endpoints and cloud services to get their work done,” said Jaspreet Singh, CEO, Druva. “The new cloud or BYOA (Bring Your Own App) wave is having even a greater business impact that than the preceding BYOD one. The dispersed data landscape it has created, with so much data outside the firewall, limits any business’ ability to protect and control how data is accessed and used. Druva gives IT the ability to reclaim control of this data by helping organisations ensure their data, regardless of location, is fully protected and governed.“

Click to enlarge

Today’s enterprise is a dispersed one, with more than 40% of data residing in the cloud as well as on laptops, tablets and smartphones. The mobile workplace has untethered workers from the office, allowing them to work from anywhere, resulting in a need to enforce data governance policies. In addition, the ever-increasing pressure to stay one step ahead of the compliance curve with global data privacy and industry-specific regulations (HIPAA, PCI DSS, FACTA/FCRA, GLBA, COPPA) involves sensitive employee and customer data. Non-compliance and risk exposure have resulted in millions of dollars in fines, and even more in reputation damage.

“Improved backup and recovery, cloud infrastructure services, and regulatory compliance are all high priorities according to our recent ESG 2015 IT Spending Intentions Survey. Organisations recognise that their ability to protect and manage data has been compromised by its growing dispersion across devices and cloud services, resulting in increased concerns around data policy and compliance enforcement,” said Jason Buffington, senior analyst, data protection, Enterprise Strategy Group. “In fact, two of the top considerations for choosing a new backup solution are data security and cloud capabilities. By tapping into these data sources, backing them up, and taking a proactive approach to analysing the data collected, organisations can protect their data as well as identify and shore up potential infractions before they’re an issue, ensuring that user data throughout the organisation is appropriately accessed, secured, used and governed.“

Druva centralises visibility and control of business data residing on employees’ endpoints and cloud services via integrated backup, data loss prevention, and data governance capabilities. The company’s continually mirrors end-user data, which enables rapid recovery if it is lost, allows remote user access to any file or folder from any device and addresses eDiscovery support, compliance and forensics needs.

Primary capabilities of inSync Proactive Compliance:

• Proactive compliance delivers enhanced governance-related capabilities that enable organisations to be moreproactive in their ability to understand, identify and take appropriate action on data risks across the dispersed data environment. Enterprises can now track, monitor and be alerted of potential data risks associated with Personal Healthcare Information (PHI), Personal Credit Information (PCI), Personally Identifiable Information (PII) and Intellectual Property (IP) across both cloud services and end-user devices.

  • Centralised compliance dashboard: Compliance, security and legal teams have an easily navigable federated view by data source, compliance risk type, risk level, user as well as other pertinent information to make quick assessments and investigate infractions.

  • Non-compliance reporting: Compliance and information security teams can subscribe to regulation or policy-specific reports, which are automatically generated and emailed to subscribers when potential data risks are discovered.

  • Pre-defined, customisable compliance templates: Organisations can select from pre-defined compliance templates (ex. HIPAA, GLBA, PCI) or customise their own. inSync will automatically scan, identify and alert the organisation of risks as necessary.

  • Investigative searching: Companies that conduct internal investigations on behalf of a legal request or need to identify sensitive data (HR data, IP, financial records) can utilise inSync’s deep-search capabilities to pinpoint materials across their end-user data.

• Legal authenticity and admissibility enable companies to ensure the integrity of their data for both compliance and legal needs by capturing extended meta-data and creating a unique fingerprint for every file in the system. In doing so, inSync is able to provide an auditable trail of a file’s history and a litmus test for its unmodified integrity.

inSync Proactive Compliance is part of the inSync Elite+ Plan and will be available in 30 days.