Security Framework Overview

Compliance Regulations and Standards

Security and Compliance Overview

RegulationsToday’s environment brings increasing regulation to our customers. While this may be viewed as tedious, we hope to deliver value as we provide compliant solutions.

Global Data Vault enables compliance with a variety of standards and regulations including those listed below. Our compliance is accomplished through physical controls, logical controls, and to a large degree through policy controls.

As you evaluate working with Global Data Vault, we’ll share more details about the actual controls in place. We can also review our controls compared to your needs outside the regulations and standards listed here.

 

Acronym Name Promulgated Authority Applies to
HIPAA Health Insurance Portability and Accountability Act US Federal Law Regulation Companies that keep any patient health information
PCI Payment Card Industry Companies that issue credit cards Standard Companies that store credit card numbers
NIST National Institute of Standards and Technology US Federal Government Standard US Federal Government entities and their vendors
DFARS Defense Federal Acquisition Regulation Supplement US DoD Regulation Companies serving the US DoD
GDPR General Data Protection Regulation European Union Regulation Companies that store data about any EU citizen
SOX Sarbanes-Oxley US Federal Law Regulation US companies with publicly traded securities
SSAE 16 SOC 1 / SOC 2 Statement on Standards for Attestation Engagements / Service Organization Controls American Institute of Certified Public Accountants (AICPA) Standard Data center operational controls
cloud mobility

Cloud Mobility – Buzz Words or Pain Point?

Do an internet search on “cloud mobility,” and you will get a TON of results.  The definition(s) can be confusing, but basically it describes the ability to avoid locking in workloads to a specific cloud vendor.  Diversification of resources between private and public...

The Air Gap Controversy

The Air Gap Controversy In a previous blog post, we talked about the 3-2-1-1 data protection concept as well as “air gaps.” We’ve also discovered that viruses can corrupt files that are written to air-gapped technologies, such as tape, rendering them useless, and the...
gartner magic quadrant

Gartner Magic Quadrant for Data Center Backup and Recovery

Veeam Software is an unusual participant in the Gartner Magic Quadrant given that they entered it in the visionary section, and were the first company to do so with only a virtualization offering.