Skip to main content

General Data Protection Regulation (GDPR)

Why Ahsay is GDPR Compliant and Will Help You to Generate Additional Revenue

Abstract

General Data Protection Regulation (GDPR) is a new directive in the European Union to protect its citizens against inappropriate personal data processing; and this directive will come into effect on May 25th 2018. As an industry practitioner and MSP, it is important that you select a backup software that is compliant to this requirement and provide consultancy services to your customer to ensure they are fulfilling this new regulation. Armed with almost 20 years of experience as a backup software vendor, Ahsay has developed robust features and developed best practices that are poised to empower you, as an MSP, to be complaint and generate new revenue from this new directive.

Ahsay Compliance to GDPR

As a backup vendor for almost 20 years, Ahsay has developed robust features for backup that is poised to empower MSPs to be complaint to this new directive in the following angles:

GDPR Requirements How Ahsay Helps You  
Storing or processing data within EU Control geographical data location Ahsay enables you to have full control on where your clients' data is stored by specifically setting the pre-defined destinations, including Availability Zone for public cloud.
Right of access(Article 15)
Backup policy Ahsay Backup Software will locate and remove all the required data from the system in a timely manner upon user request.
Right to erasure(Article 17)
Data wipe-out on request Ahsay Backup Software will locate and remove all the required data from the system in a timely manner upon user request.
Security of processing - Pseudonymisation and encryption
(Article 32 [1a])
Content encryption Ahsay Backup Software will cipher the file name and content that is backed up. The storing encrypted backup data in backup file format can only be identified by index (also encrypted) where encryption key is the additional information to safeguard the access.
AES 256-bit encryption Ahsay Backup Software uses AES 256-bit encryption (CBC mode recommended) key as the security measure. This will protect you, as an MSP, from data security breach due to network intrusion in the rare case when your system is compromised.
Security of processing - Quick recovery of data(Article 32 [1c])
VM Run Direct & Granular Restore These proprietary feature from Ahsay enables you to either spin up VMware and Hyper-V guests within 1 minute or to have instant access to select files. A proper use of VM Run Direct & Granular Restore within local network can effectively establish a backup solution with quick recovery of data while the remote backup data can still be encrypted and protected.
Records of processing activities(Article 30)
Comprehensive System Log Ahsay's system log offers visibility on all actions performed in the backup system and therefore enables you to retrieve these logs if an investigation is required.

Which Ahsay Software

The above GDPR compliance study shall be based on Ahsay Backup Software portfolio. If you are using previous software release, certain functionalities or features may not be applicable. Please contact us if you need our assistance on this.

Consultancy Service

In the backup business as an MSP, selecting a resilient backup software is the beginning of the compliance to GDPR that will drives the success of your backup business. Equipped with 20-year of experience as a backup software vendor and working with thousands of backup service providers around the world, Ahsay is able to provide best practice methodology and experience sharing to ensure you and your customers are compliant to GDPR. Such best practices include how you can define personal data with your end users so their personal data can be removed from the backup system timely upon request.

Next Step

This serves to be the first step on your understanding on how Ahsay conforms to GDPR for our backup service providers and MSPs. Please contact us at partners-kb@ahsay.com if you would like to understand more about our software or if there are specific questions on your compliance to GDPR.