Having the appropriate storage for hosting business critical data and the proper analytic software for deep inspection of that data is becoming necessary to get deeper insights into the data so that users can categorize which data qualifies for compliance. This IBM® Redpaper™ publication explains why the storage features of IBM Spectrum™ Scale, when combined with the data analysis and categorization features of IBM StoredIQ®, provide an excellent platform for hosting unstructured business data that is subject to regulatory compliance guidelines, such as General Data Protection Regulation (GDPR). In this paper, we describe how IBM StoredIQ can be used to identify files that are stored in an IBM Spectrum Scale™ file system that include personal information, such as phone numbers. These files can be secured in another file system partition by encrypting those files by using IBM Spectrum Scale functions. Encrypting files prevents unauthorized access to those files because only users that can access the encryption key can decrypt those files. This paper is intended for chief technology officers, solution, and security architects and systems administrators.

The role of the IT solutions is to enforce the correct handling of personal data using processes developed by the establishment. Each element of the solution stack must address the objectives as appropriate to the data that it handles. Typically, personal data exists either in the form of structured data (like databases) or unstructured data (like files, text, documents, and so on.). This IBM Redbooks publication specifically deals with unstructured data and storage systems used to host unstructured data. For unstructured data storage in particular, some key attributes enable the overall solution to support compliance with the EU General Data Protection Regulation (GDPR). Because personal data subject to GDPR is commonly stored in an unstructured data format, a scale out file system like IBM Spectrum Scale provides essential functions to support GDPR requirements. This paper highlights some of the key compliance requirements and explains how IBM Spectrum Scale helps to address them.