Commvault sees GDPR benefits in latest extension of Office 365 capabilities

Commvault is positioning both their Office 365 integration and their new Sensitive Data Governance offering as logical solutions to the issues created by the growing intersection of data protection and compliance.

Randy De Meno, Chief Technologist, Windows Products and Microsoft Partnerships, at Commvault

Enterprise backup vendor Commvault has announced further expansion of their integrations with Microsoft Office 365, using that announcement to also send a message to the market regarding the depth and durability of their relationship with Microsoft. Commvault is also emphasizing the relevance of their Office 365 integration to the newly enabled General Data Protection Regulation [GDPR] regulation in the EU, in conjunction with their Commvault Sensitive Data Governance [SDG] application introduced last year.

“Commvault’s strategic relationship as a partner to Microsoft overall is extremely important,” said  Randy De Meno, Chief Technologist, Windows Products and Microsoft Partnerships, at Commvault. “We have gotten a lot of recognition for what we do with Azure, and we want to reinforce the strength of that partnership. We have reinforced our technology for the Microsoft product group, optimizing Office 365 performance further.”

DeMeno said that there is also an intersection here with the EU’s GDPR laws regarding data protection and privacy, which came into force last week.

“We are emphasizing the ability of our Office 365 integration to help meet GDPR requirements,” he said. “Our job, since we began the Microsoft partnership in 1999, has always been to go beyond the box. We extend Office 365’s search and eDiscovery capabilities to an enterprise-wide, poly-cloud one. We provide a unified search, eDiscovery and compliance solution across the enterprise, using the same product that runs in the cloud, in Azure Stack and on-prem.”

DeMeno said that Commvault is also emphasizing how they have enhanced the Office 365 ability to manage content.

“When we move the data, being able to index that data for content search and eDiscovery is critical,” he said. “The way we index it and move it into Azure sets up some of the Microsoft tools like Power BI and Cognitive Services. That’s another Commvault differentiation, that enables greater proactivity for business functionality.”

DeMeno said this functionality is of increasing interest to MSP and integrator partners in the Microsoft ecosystem.

“A lot of MSPs and SIs have been rolling out Office 365, and we enable it to be part of that enterprise-wide eDiscovery and search solution,” he said. “Most enterprise customers also just see Office 365 as part of their strategy, and so our ability to go beyond that is a high value-add differentiator. So both MSPs and SIs are seeing huge benefits in working with us.”

Commvault is stressing that Office 365 is part of the package that will give Commvault partners a huge opportunity with the GDPR regulations. It complements a new standalone solution, Commvault Sensitive Data Governance, which was launched at last fall’s Commvault GO 2017 event. Commvault SDG simplifies the best practices of assessing and managing the risks of managing sensitive data at scale, starting with file servers and endpoints within a single tool set. It detects personal and other sensitive data across unstructured data holdings, facilitates risk profiling, proactively cleans up unnecessary personal data, and provides for automated remediation of actions dictated by data subject requests –  with full audit trails to prove compliance.

Nigel Tozer, Solutions Marketing Director, EMEA at Commvault

“GDPR is about understanding what you have,” said Nigel Tozer, Solutions Marketing Director, EMEA at Commvault, and a specialist in GDPR. “SDG enables you to get that picture, profile it, and understand what you have from a sensitivity standard.”

Tozer said that the challenge around GDPR is its breadth.

“It affects sales and marketing, IT systems, HR, the legal team – everyone is touched,” he said. It’s complicated by the fact that in Europe, regulations tend to be initially non-specific and then get honed in by courts – so North Americans tend to find them loose. There is no rubber stamp to say you are compliant. It’s just about taking a defensible position. Most data regulations and privacy regulations were also over 20 years old, and came from a time before Facebook and phone messaging. It also used to be cheaper just to pay the fine rather than to get compliant. The new law is a big change in this respect. Even so. many people in IT initially saw GDPR as a business problem, so little action was taken, although interest grew closer to the kickoff day. People have also begun to realize that in things like indexing, and the ability to produce data wherever it lives, Office 365 becomes much more important.”

“Where we are unique here is being part of one single platform,” DeMeno said. “Others do this, but with completely separate disparate solutions.”

“The consistency is important because other definitions of compliance can be different,” Tozer noted. “That doesn’t help you with a ‘right to be forgotten’ request – and it certainly wont help you find anything where you didn’t already make a backup.”

Leveraging Office 365 and SDG gives partners a significant opportunity.

“They are in a great position to help partners get a good hand on the end-to-end challenge here,” Tozer said. “Many partners have gotten really ready for this and taken on privacy experts. They are in a good position to help because they know their customer environments. There’s a lot of opportunity around GDPR.”