Dave Anderson looks at how organizations can overcome a common barrier to cloud computing adoption.
The benefits of adopting cloud technologies have been widely reported, and are commonly understood. However, the decision to adopt a cloud strategy brings with it many questions and concerns about jurisdictional and regulatory control over the privacy and protection of sensitive data. For instance, data residency and sovereignty requirements often insist that certain types of sensitive and private data are stored where the government will have legal jurisdiction over it. More often than not, this means within its borders. But the cloud allows providers to possibly store, process or back-up data across several global locations, as well as allowing organizations to freely move data outside of national borders. So, how does this impact compliance to data residency requirements?
Addressing data residency, protection and privacy concerns requires an understanding of both international and domestic regulations. Companies that do business in Europe must understand the implications of regulations such as the European Data Protection Law, as well as local data mandates. The EU’s Data Protection Directive is an example of this, as it prohibits personal data that can be linked to an individual from moving outside the EU, sometimes even outside of a specific country’s borders. Data residency is also particularly concerning for multi-nationals that have offices all over the world, covering several jurisdictions.