SEAT Global Magazine - Exclusive Interviews of Global Sport Executive Issue 09 March/April 2018 | Page 45

2. Ensure Your Business is Ready to Address new

Security Compliance Regulations

It seems like there’s always a new security compliance regulation coming out, and your business needs to be adequately prepared.

For example, with enforcement of EU GDPR around the corner, nearly every IT vendor has something to say about it. However, it’s important to keep in mind that few organizations will be starting from scratch, considering that data protection laws have been in place across Europe for years, and many organizations will be complying with existing standards, e.g., PCI DSS.

So, assess what, where and how EU resident personal data is stored, processed and transferred within and outside your organization’s structure. Check every department from marketing to HR, legal and IT. Then, determine where the GDPR gaps are, fill in those gaps with appropriate business practices and protective safeguards, and take a proactive and engaged approach with regular risk assessments and ongoing employee awareness.

3. Protect the Data Center

Data centers are evolving. They are no longer simply server banks used for simple back-ups, disaster recovery or server processing. Many enterprises are transitioning their infrastructure to become virtualized, and most have begun shifting workloads to the cloud. While simple in concept, and ultimately a cost-saving and agility-producing measure, there are significant complexities with changing out IT infrastructure.

Migrating workloads from older systems to newer ones can also create a maelstrom of incompatibilities and security issues if done in patchwork fashion. Solutions such as hyper-convergence which combine compute, storage and networking into one solution are being quickly adopted as a means to efficiently consolidate data center infrastructure.

But what about consolidating data security solutions?

The potential trouble with these newer “data center models” is that virtual machines and solutions are often much easier accessed than in the physical world. Easier access generally results in less control. That is particularly dangerous when it comes to controlling sprawl and migration of your critical data and workloads using a mix-match of data security solutions.

Given this, it’s critical to ensure you have one data security approach that provides persistent virtual machine-level encryption, so that no matter where workloads are located within the environment – active use, dormant, offline or in backup – the data remains protected. It’s also necessary to prevent unapproved copying and snapshots and relocation of virtual machines outside of your boundaries to protect your data.

INSIGHTS & PERSPECTIVES

44