Do you know where your cloud data is (and has been)?
Data sovereignty asks: Can you tell your data subjects exactly where their cloud data is stored?
The cloud, somewhat intangible and sometimes referred to as “up there” is actually very much grounded, geolocated within the borders of countries. Data sovereignty and data center strategy are important considerations for organizations as everything in the cloud is stored in data centers. But where? This should be an easy answer – and it is central to the discourse on data sovereignty.
As cloud computing becomes the norm, so does the knowledge that a data protection strategy following best practices needs to be implemented in the cloud to ensure, among many things, data sovereignty.
Not knowing where data is stored can be dangerous and may lead to exposing a company to unwanted risk: loss of company trust, litigation, compliance headaches, stagnation in business growth, fines, and permanent, unrecoverable data loss.
What Is Data Sovereignty (if nothing more than difficult to spell)?
Data sovereignty is much more than a buzzword – it is rife with important requirements for organizations to protect and manage their (and their data subjects’) data in line with local and international laws, thereby complying with the general governance of the jurisdictions where the data has traveled across and is stored – not only where the company is located.
Complying with the foreign legal requirements associated with data transmission across borders “is an important matter because the location of data storage directly affects the applicability of local privacy legislation” (Data Sovereignty: A Review). Not knowing where your data is also means you are unaware of the laws to which you are subject.
Even while knowing where your data is stored, it can be complicated (and it may constitute a high risk) to store data in regions where there may be different or unique requirements—or instability in the local political spheres that may result in outages—impacting data availability and ultimately data security.
By now, many of us have experienced the changes that followed the European Union’s implementation of the GDPR, where the fundamental right for data protection of data subjects is protected, resulting in an increased awareness (and requirements) regarding the handling of data. Learn more about compliance and GDPR here.
Simplifying the Situation
In the convoluted world of data sovereignty and data compliance, there are steps that organizations can take to add simplicity and predictability to their data management strategy. For instance, storing data in data centers that offer no-transmission guarantees means no surprises in terms of litigation due to the confidence of knowing exactly where data is stored. One way of achieving this is with a third-party backup service deploying a global data center strategy focused on (and committed to) guaranteeing no data leaves the customer’s chosen data center region.
These services are offered by companies specializing in cloud SaaS (software as a service) backup and recovery. These providers may offer the added benefit of deploying a multi-regional data center approach with the ability to store targeted data in the regions required by the customer.
It is important to find a service that can document and guarantee this – which is precisely what Keepit, a leader in SaaS data backup and recovery, does and continues to do through continual expansions of data center locations. Read Business Wire's article on Keepit opening two new Canadian data centers.
“Superior Data Center Strategy”
Keepit, in their latest data center additions—this time in the Canadian market—has a global footprint that spans six regions: US, UK, Germany, Denmark, Canada, and Australia. Aside from the legal and compliance benefits, there are many other gains to be had from deploying a dedicated SaaS data protection solution.