An outline of the paper is below; to read the full paper please click here
, or to contact CNS Group please click here
In order to comply with existing and emerging data protection legislation, UK organisations of all sizes need to know where in the world their data is stored and managed when they choose to use cloud services, applications and back up. If comprehensive questions about data sovereignty are not already part of your data governance strategy – they should be.
Data Sovereignty: More than just physical location
To offer the economies of scale that keep prices down, cloud computing has relied heavily upon a globally distributed infrastructure – with data travelling to data centres outside of the UK and Europe for cost and redundancy reasons.
Defining the right data safeguards
European data protection laws were enacted before cloud became a pervasive computing option, but their intent was clear, that personal data could only be transferred to countries that could demonstrate the right data safeguards. So who defines what is ‘right’?
Beyond location - questions for data sovereignty
In our experience, if you are considering any cloud-based service, you should be asking providers the following questions:
1. Where is your data stored?
2. Who has access to your data?
3. Where is your data backed-up?
4. How is your data encrypted?
The data sovereignty imperative
Although the rules still have some time to evolve, we anticipate that as the EU General Data Protection Regulation (GDPR) creeps closer, businesses of all sizes will need to ensure that they meet data sovereignty requirements as part of their overall compliance with the directive.
To find out more about the importance of data sovereignty and how to ensure it's part of your organisation's strategy, read the full paper here.