Rubrik Cloud Data Management: Security by Design
Since the beginning, Rubrik’s Cloud Data Management platform has been designed with security as one of its core principles. Our goal is to ensure that data is managed in a secure and responsible manner, independent of its location. This capability is growing more important with the changes to the General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018, for any organisation that processes or stores data from individuals in the EU.
For companies that must comply with GDPR, security by design is imperative in data management. The regulation requires companies to use solutions in which data protection is designed into the development rather than added on at a later point. Requirements apply to on-prem and cloud environments, as well as to measurements that prevent employee-caused breaches.
Data Management Designed for Protection
Rubrik delivers end-to-end encryption across all environments while maintaining performance. It starts at the point of ingesting the data from your production systems. For both virtual and physical environments, we encrypt data in-flight to protect it from eavesdropping. Once the data arrives to the Rubrik cluster, customers can choose the method for encryption at-rest, either using software-based encryption or FIPS 140-2 Level 2 Certified hardware-based encryption. Rubrik also offers robust key management with AES 256-based encryption, which can be either managed via a built-in Trusted Platform Module (TPM) or a KMIP-compliant external key management server.
In addition, all data that is stored on Rubrik is done so as immutable objects. In other words, once the backup completes, you can rest assured that this data can be restored in its original state, which is of the utmost importance since your backup data needs to be your indisputable source of truth.
Security Beyond the Data Center
As mentioned, Rubrik is dedicated to providing end-to-end security regardless of your data’s location. This means that if we archive data out to another storage location like private or public cloud, including Object Storage and NFS storage systems, we can encrypt this data in-flight, leaving the Rubrik cluster in its ultimate long-term retention destination.
User access also needs to be safeguarded, which is accomplished with your own trusted Certificate Authority (CA) TLS certificates to safely authenticate with the Rubrik GUI. Additionally, Rubrik enables granular control of user data with our role-based access control (RBAC) feature. Limit an individual’s access to only pre-approved objects to prevent accidental deletion and to protect the privacy of other users in your organisation.
GDPR is multifaceted, and it’s important to understand that no single solution can make you comply. But Rubrik’s modern data management platform with a security built-in mindset can be a great partner in developing a GDPR-compliant environment.
Learn more accelerating GDPR compliance with Rubrik here.