Data Protection & Privacy (DPPC) Committee

Our Goals

The DPPC exists to further the awareness and adoption of data protection technology, and to provide education, best practices and technology guidance on all matters related to the protection and privacy of data.

Within SNIA, Data Protection is defined as the assurance that data is usable and accessible for authorized purposes only, with acceptable performance and in compliance with applicable requirements. The technology behind data protection will remain a primary focus for the DPPC. However, there is now also a wider context which is being driven by increasing legislation to keep personal data private. The term data protection also extends into areas of resilience to cyber attacks and to threat management.

This charter expands the mission of the DPPC from being entirely focused on data protection technology and into areas of data privacy and regulatory compliance as well as taking a more holistic view of protecting data in collaboration with the SNIA Security TWG.

Storage Security Data Protection Technical White Paper

The SNIA Storage Security TWG just released the new Storage Security: Data Protection whitepaper that provides an overview of data protection and the associated guidance for the ISO/IEC 27040:2015 (Information technology - Security techniques - Storage security), which is a standard that provides detailed technical guidance on controls and methods for securing storage systems and ecosystems. Data protection is an essential element of storage security that can be nuanced, depending on industry requirements (e.g., storage, security, and privacy). This can be seen in the ISO/IEC 27040 (Storage security) standard, which while not directly addressing data protection, does identify relevant security controls. To raise awareness of data protection, this whitepaper highlights the relevant data protection guidance from ISO/IEC 27040 and then builds upon it, covering topics such as data classification, retention and preservation, data authenticity, and data disposition. As part of this expanded material, SNIA provides guidance and considerations that augment the existing storage security standard.

Download the white paper here.