What is Data Protection?

Data protection is the process of safeguarding important data from corruption, compromise or loss and providing the capability to restore the data to a functional state should something happen to render the data inaccessible or unusable.

Data protection assures that data is not corrupted, is accessible for authorized purposes only, and is in compliance with applicable legal or regulatory requirements. Protected data should be available when needed and usable for its intended purpose.

The scope of data protection, however, goes beyond the notion of data availability and usability to cover areas such as data immutability, preservation, and deletion/destruction.

Roughly speaking, data protection spans three broad categories, namely, traditional data protection (such as backup and restore copies), data security, and data privacy as shown in the Figure below. The processes and technologies used to protect and secure data can be considered as data protection mechanisms and business practices to achieve the overall goal of continual availability, and immutability, of critical business data.

Data Protection Chart

Figure: The Three Categories of Data Protection

Principle of data protection

The principle of data protection is to deploy methodologies and technologies to protect and make data available under all circumstances.

Storage technologies can be used to protect data by using disk, tape or cloud backup to safely store copies of the data that can be used in the event of data loss or interruption. Additional software tools (e.g. cloning, mirroring, replication, snapshots, changed block tracking, etc.,) are providing another layer of data protection in addition to traditional backup. Technology advancements mean that it is now common practice to provide continuous data protection which backs up the data whenever a change is made so that recovery can be near-instantaneous.

Cloud backup is also becoming more prevalent as organizations frequently move their backup data to public clouds or clouds maintained by third-party service vendors. These backups can replace on-site disk and tape libraries, or they can serve as additional protected copies of data to provide a disaster recovery facility.

Geographical differences and variations in terms

The data storage industry looks at data protection mainly from a technology viewpoint in what is needed to keep data secure and available.

Data protection is defined by the European Union (EU) in a very different way and is often used where other regions may use the term data privacy.

It is important to understand the meaning applied to these terms to avoid confusion:

  • Data protection in the EU is much more related to the protection of personal data and the rights of EU citizens
  • Data protection is about protecting any data relating to an identified or identifiable natural (living) person (“data subject”), including names, dates of birth, photographs, video footage, email addresses and telephone numbers
  • Data protection has precise aims to ensure the fair processing (collection, use, storage) of personal data by both the public and private sectors

Learn more about Data Protection in our Educational Library