Background Blocks

Resource Library - Datasheet and Brochure

Brand Arrow

GDPR: Centralize Unstructured Data Governance Across On-premises and Cloud

You Have Until May 20181 to Centralize Unstructured Data Governance across On-premises and Cloud

The EU's General Data Protection Regulation (GDPR) is the most stringent and burdensome privacy mandate in the world. The penalty for major violations can be up to 20 million euros or 4 percent of your company’s annual global revenue.2

This powerful market driver has niche software vendors vying for your attention. The result is a great deal of noise and confusion as CIOs struggle to make intelligent — ideally future proof — investments.

CIOs are also struggling to balance their desire for consolidation and centralized management with the need to meet the 2018 deadline and solve the immediate GDPR-related operational challenges. So point products are a great temptation.

58 percent of U.S. and 62 percent of German survey respondents believe their companies will be fined.3


The greatest challenge they face is gaining control over unstructured data. Structured data solutions have built-in compliance management functionality, but how do you ensure compliance across your unstructured data sources? Endpoints? Email? Servers with hundreds or thousands of authorized users? And how do you do this in a holistic way, without adding multiple disparate point products?

The Commvault® Data Platform consolidates critical data protection, compliance and discovery operations into a single unified solution. Know what unstructured data you have, meet GDPR obligations and prove your compliance to regulators. Read on to learn what the Commvault Data Platform can do for you.

87 percent of surveyed CIOs believe their current policies and procedures leave them exposed to risk under the GDPR.4

Egress, March 2016
Brand Arrow

Lay a Solid Foundation for Holistic Information Governance

The Commvault® Data Platform integrates backup, recovery and archiving in a way that creates a single searchable pool of your high-value unstructured information and provides a solid foundation for information governance. It gives you the visibility and control you need to meet a variety of GDPR obligations.

Gain a Cross-Departmental View of Where Personal Data Resides

  • Understand where all personal data lives across your enterprise, allowing you to optimize access controls, consolidate where possible and prioritize your security efforts

Rapid Response to Data Subject Requests

  • Employ proactive preservation to minimize or eliminate ad-hoc enterprise crawling and piecemeal collections, and accelerate discovery, production and erasure of personal information

Automate Retention Policy Enforcement

  • Automate the removal of outdated data from endpoints, email, data center sources and your backup and archival copies to ensure enforcement of retention periods

Facilitate Data Security & Privacy Enforcement

  • Detect data leakage quickly, minimizing the need to crawl systems and endpoints
  • Remove sensitive data from unauthorized locations
  • Add a layer of protection against ransomware
  • Provide a quick, alternate way to assess exposure in the event of a compromise to give legal stakeholders a leg up on breach notification planning

Facilitate Data Security & Privacy Enforcement

  • Faster recovery in the wake of an incident
  • Restore to any on-premises or cloud location, even write to multiple locations at once

Unstructured data makes up roughly 80 percent of all business-related data.5

IDC, March 2017

Commvault Complete™ Backup & Recovery

Commvault Complete™ Backup & Recovery is a single solution to overcoming your compliance, eDiscovery and resilience challenges.

Lay a Solid Foundation for Holistic Information Governance

Brand Arrow

The Power of Proactive Preservation

When you proactively preserve your high-value, high-risk data sources and employee endpoints and email, you create a “data lake” environment that adds value to stakeholders across your organization. You can virtually eliminate the need for the disparate data collections, full disk acquisitions and massive data dumps that drive up the processing and review costs associated with eDiscovery and investigations. Likewise, you can reduce or eliminate your use of third-party sync and share tools and expensive enterprise search platforms. Most or even all relevant data is at your fingertips.

Creating a “data lake” environment for GDPR compliance
Automate Retention by Employee, Data Source and/or Content.

Implement an intelligent compliance retention program that ensures high-value unstructured data is preserved and indexed for continuous accessibility and data with no value is pruned in accordance with your policies.

Full-text Indexing of Data from Endpoints, Email, Data Center Sources and Cloud

Create a single searchable pool of information enabling fast, centralized access and analysis of both production and historic data.

Search Advanced Metadata via Customization Services

Expand your ability to search classifications and tagging generated by third-party tools.

Automate Removal of PII and PCI from Data Center Sources

Automate removal of sensitive data, such as personally identifiable information (PII) or payment card industry (PCI) information, employing entity extraction and smart archiving to pull responsive data out of your environment, and block end user recall. Then you can to erase it from backup and production sources.

Federated Search

Augment visibility into unstructured data by employing federated search to identify and report on sensitive data locations, and to identify information, employees and data sources that need to be under Commvault® software management.

"Erase" Data

Easily comply with mandates, such as the EU GDPR or UK DPA by quickly locating personal data within unstructured data sources, archiving it out of the wild, and then “erasing” it from the Commvault store.

Chain of Custody

Maintain an auditable chain of custody, tracking every action taken on files and emails within the system and who accessed them, to demonstrate compliance.

Role-based Access

Role-based access for secure multi-party review and collaboration. Give different groups and stakeholders “windows” into the information they need to see.

Export Options

Native format, PST, NSF, HTML, or CAB, and EDRM XML.


Data is encrypted in transit and at rest.

Virtually Unlimited Scalability

We have a track record of supporting well over 100,000 mailboxes and petabytes of file data.

Deployment Options

On premises, Cloud, Hybrid and 1, 3, or 7 year SaaS subscriptions are available for endpoint and email compliance retention with tiered per-mailbox pricing.

We have a track record of supporting well over 100,000 mailboxes and petabytes of file data.

  5. Carla Arend (2017 March) Five Essential Steps for GDPR Compliance. IDC Opinion
Brand Arrow

Commvault streamlines GDPR compliance, making it easier to meet your regulatory obligations.