Aerohive Networks™ is committed to the security, protection and privacy of personal data we collect about our customers and business partners. We are very aware of the growing public concerns about personal data protection.
The European Union’s General Data Protection Regulation (GDPR) is a response to these concerns. It aims to bring consistency to EU data protection laws, and to strengthen the security and protection of personal data by giving EU citizens a higher degree of control over of their personal data, and how it is used in the digital economy. Independent of their location, organizations that collect, store, or process the personal data of EU residents must be able to address these regulations as of May 25, 2018.
Aerohive welcomes the GDPR and has implemented related functionality in its Cloud Networking solution.
GDPR Compliance Enablement in HiveManager®
Aerohive’s HiveManager® is our network management system. It is equipped with a set of features that enables our customers to address GDPR-related obligations that result from the “rights to request and be forgotten”, by searching for, downloading and deleting personal data. In addition, HiveManager provides logging and audit tools to track these actions so our customers can better document them.
GDPR Compliance Enablement in Aerohive’s Cloud
Where in the Cloud is my Data?
Under GDPR, some data can only be stored or transferred where the state has jurisdiction or where an agreement is in place that protects that data – the data-residency requirement.
Aerohive’s public cloud supports this residency requirement. Our cloud architecture is designed so that customer networks from European countries are assigned to a data center located in the EU. Furthermore, customer network data never leaves its assigned datacenter. This in turn enables Aerohive and our customers to demonstrate compliance with data-residency requirements.
Data Security in the Cloud
Under GDPR, organizations are also required to design their technical and company processes to secure and protect the personal data they collect and process. With regard to our cloud infrastructure, Aerohive takes comprehensive measures to support these requirements, including:
- Securing the data in our Global Data Center (GDC) and Regional Data Centers (RDC), including with threat-prevention measures, firewalling and penetration testing.
- Strictly limiting access to our cloud infrastructure to a small number of designated Aerohive DevOps engineers.
- Protecting data storage in the Aerohive cloud through encryption.
Additional information about Aerohive’s cloud security is located here.
GDPR with Aerohive: A Shared Responsibility
Under GDPR, Aerohive and the customers using Aerohive’s products and services have shared roles and responsibilities regarding GDPR compliance.
As the data processor, Aerohive assists our customers (the data controllers) in addressing their GDPR responsibilities, by providing functionality in our products and implementing appropriately secure handling and control of personal data in our cloud.
Additional information about how Aerohive supports our customers in their GDPR compliance initiatives is available in our whitepaper “GDPR and Aerohive Networks”.
Additional information about the personal data we collect, how we use it and our associated responsibilities is available on the data privacy and protection section on our website.