Cloud Hosting

In this frenetic landscape, in which huge amounts of data are harvested, stored and analyzed 24 hours a day, governments have moved with uncommon swiftness to provide statutory instruments that seek to regulate the flow of information.

This has included the assertion of data sovereignty, in which governments enforce their own privacy laws on data stored within their jurisdictions. It is a rebuff of sorts to the global economy, a reimposition of sovereign interest.

For businesses, this has created a raft of compliance obligations and strategic imperatives, as well as the need for informed decisions about where their data is stored, how that data is managed and protected when shared across borders, and how IT systems are set up.

The rapid take-up of cloud-based data storage exposes companies to issues of data sovereignty. With the rising popularity of cloud computing, data sovereignty issues have become a greater focus for companies concerned about threats to the integrity and security of their data.

Data sovereignty becomes an issue when a companys data servers are located outside the country in which the business is domiciled, and governments insist that this data is subject to the laws of the country in which it is collected or processed.

Businesses need to have a robust and comprehensive data security strategy and vigorous internal procedures to protect and secure data. The onus is on businesses to understand how their data is stored, who owns it and how it moves.

Businesses also need to:

Data gravity is a metaphor introduced into the IT lexicon by San Francisco software engineer Dave McCrory in 2010. The idea is that data and applications are attracted to each other, similar to the attraction between objects that is explained by the law of gravity. As data sets grow larger and larger they become more difficult to move. So, the data stays put and applications and processing power moves to where the data resides.

Barriers become even more challenging if you want to run analytics in the cloud on data stored in the enterprise, or vice-versa. These new realities for a world of ever-growing data sets suggests the need to design enterprise IT architectures in a manner that reflects the reality of data gravity. Alternatively, companies could consolidate their data in a cloud platform where the analytics capabilities reside (and which includes data sovereignty guarantees).

General Data Protection Regulation (GDPR)

The European Unions GDPR covers data protection for EU citizens. The GDPR also addresses the transfer of personal data outside the EU and European Economic Area (EEA). It supersedes the Data Protection Directive.

With the advent of the GDPR, organizations have reviewed their data sovereignty requirements and capabilities.

Brexit: in or out?

All countries in the EU benefit from what might be called the free movement of data. This currently applies to the UK in the same way that it does to the other 27 members.

However, when the UK leaves the EU, it may or may not still be included in this free market in data. Current EU data protection legislation states that special precautions need to be taken when personal data is transferred to countries outside the European Economic Area that do not provide EU-standard data protection.

If data sovereignty isnt included in any finalized Brexit deal, or if the no deal scenario eventuates, then UK businesses could be directly affected. Post-Brexit, the UK would no longer be covered by data agreements between the EU and other countries, such as the EU-US Privacy Shield Framework.

If the EU does not grant equivalency to the UK post-Brexit, the safest thing to do when it comes to data sovereignty issues is to make sure that data is migrated to UK-based data centers.

In the digital economy, organizations are information-rich. They have never possessed such extensive reserves of personal data nor have they been closer to their customers as a result. Digital consumers have benefited from customized product and service offerings, enhanced customer experiences and the ability to intimately engage with their favorite brands across multiple platforms.

But with the ability of organizations to collect unprecedented amounts of data across multiple technology platforms comes great responsibility, and challenges - not least compliance obligations and strategic imperatives, as well as the need for informed decisions about where their data is stored, how that data is managed and protected, and how vendors are chosen.

How well organizations deal with the risks posed by data sovereignty is the latest challenge in the digital transformation of the economy.

Read the original post:
Data Sovereignty: The imperative for action - DatacenterDynamics