By Richard Vester, group executive at the Cloud Services division of EOH
The burgeoning popularity of cloud and SaaS applications are benefitting businesses around the globe through improved collaboration, cost savings, increased efficiency and similar. It could be said they have completely transformed the way businesses today work.
It could be said they have completely transformed the way businesses today work.
However, moving to the cloud is not without its risks. As data moves across the world, between businesses, cloud providers,
As data moves across the world, between businesses, cloud providers, endpoints, and collaborators, security is necessary to keep your organisation safe, and your company in line with regulatory requirements.
Questions of data ownership and data residency have moved to the top of the list of concerns for public and private sector organisations across the globe.
The majority of countries have rules governing data residency and sovereignty in place, which states categorically that certain data has to be stored where the government can maintain jurisdiction over it. This usually means within that country itself.
The European data protection laws forbid any personal data from being moved outside the EU, or even a specific country’s borders. US data laws are just as stringent. The point is that all countries have regulations in place and although data sovereignty and data residency regulations may be set by the government, it falls on the organisation itself to meet those regulations.
EOH, as a cloud provider, has met the challenge by having a truly international cloud that can accommodate all its clients, irrespective of where they are located, or the data residency rules that govern them. We have access to all the major global cloud providers and have a footprint and customers in the UK and Europe. We see ourselves as part of a group of interconnected clouds that are located around the world, offering for scalability and real data protection.
There are other ways for businesses to maintain data compliance too.
Understanding that data compliance for cloud and SaaS applications require agreement and collaboration between IT and all departments that are employing SaaS or other cloud applications.
It is also important to have a thorough understanding of your country or region’s specific rules and regulations governing data sovereignty and residency, and make sure your cloud provider does too. Remember that these policies update and change all the time to keep abreast of the changes in technology, and your organisation would be well advised to read up on the most recent policies and regulations, and ensure your business is compliant with them.”
When choosing a cloud provider, review their ability to provide a localised but international offering closely.
Ask as many questions as you need to about how data is handled, treated moved around and stored, with data residency and sovereignty in mind. Remember, the onus is on you to vet any partners thoroughly and find out whether they strictly adhere to your country’s specific requirements around residency and sovereignty.
Moreover, scrutinise any cloud provider’s security measures, certifications, and protocols, and make sure that their security tools and solutions thoroughly address all cloud platforms.
Finally, never underestimate the importance of backing up your data.
When moving any data to the cloud or to a SaaS solution, make sure it is data it is safe and protected in the cloud, in the same way you would in the days before cloud when it was stored on premise – back it up.
Recent scourges such as the WannaCry and Petya ransomwares have shown how easy it is for businesses to fall victim to ransomware and lose all their data. Similarly, configuration errors, and accidental deletion happen from time to time.
And make sure that any cloud provider you partner with backs up in a manner that also meets your region’s data residency requirements.