One of the basic tenets of cloud computing is the ability to provide access to resources across a geographically dispersed cloud environment. This makes the cloud ideal for global distribution of applications and data. But what about those geographies that have highly restrictive data sovereignty laws or practices, such as Germany, Austria and South Korea? What about governmental bodies attempting to protect information while utilising the cloud?
An interesting example is the German government which, in certain circumstances, will require that data on German companies and their employees never leave German soil and that only German citizens be allowed to administer said data. These data sovereignty (DS) scenarios and many others present a challenge for organisations in terms of protecting the data entrusted to them while cutting costs and gaining efficiencies associated with the cloud.
From a business standpoint, these organisations are charged with protecting information about their business, customers, users or governments. Unauthorised access to private customer data, governmental assets or corporate assets could be devastating. We need look no further than the recent state-sponsored attack on US federal government employee databases to see the effect of these types of breaches.
From a technical view, IT departments are being increasingly relied upon to implement data access controls, data filtering and separation management functions according to DS rules. Then as soon as IT thinks they finally have a handle on the problem, here comes the cloud, offering ubiquitous data access, and messing up the nice neat model they’ve created.
So, how do we control data where the point of cloud is to distribute data and applications? Large organisations, especially those that span multiple countries, are facing this very question on a daily basis. I was recently involved with a client that not only does business globally and needs to be sensitive to governmental restrictions, but also has specific contractual obligations with a number of their customers as to where and how files, email and other data can be stored and transmitted.
The chosen solution will be specific to the circumstances and organisational type, although it can be viewed as having various components:
- Security standards. These solutions require a strong set of on-premises and cloud-based security standards. As I have previously written, it is important when developing a hybrid cloud solution to extend the corporate security standards, as much as possible, to the cloud.
- Data loss prevention (DLP) monitoring and controls. DLP software defines controls over the flow of data and monitors that data flow to detect data breaches.
- Data-aware services. As services are developed, the integrated software components need to have proper authorisation and filtering capabilities. An example would be an identity management system where the directory services replicate data between geographically dispersed instances, based on filtering rules.
- Data segmentation across a hybrid cloud infrastructure. As in the example given above, countries or organisations may require different levels of DS control necessitating that data have a defined location. In this case, a straightforward solution comes in the form of hybrid cloud with regional instances located at or in proximity to the point of high DS requirement.
- Consistent management tools. Common and consistent management tools and practices are needed across all cloud regions, with controls in place as to who is authorised to administer a given instance or data set.
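As an added illustration of the data-aware services, data segmentation and administration controls listed above (not code from the original article), the following Python example filters directory entries per target region and checks who may administer a data set. The rule table, region names, attribute names and the South Korean export rule are assumptions made for the example; the German rule mirrors the scenario described earlier.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    home_regions: frozenset       # regions allowed to hold the full record
    exportable: frozenset         # attributes allowed to replicate elsewhere
    admin_citizenship: frozenset  # empty set = no citizenship restriction

# Constructed rules keyed by the entry's country of origin (assumed values).
RULES = {
    "DE": Rule(frozenset({"de-frankfurt"}), frozenset(), frozenset({"DE"})),
    "KR": Rule(frozenset({"kr-seoul"}), frozenset({"uid", "display_name"}), frozenset()),
    "US": Rule(frozenset({"us-east", "de-frankfurt", "kr-seoul"}), frozenset(), frozenset()),
}

def replica_view(entry, target_region):
    """Return the attributes of entry that may be copied to target_region, or None."""
    rule = RULES.get(entry.get("origin"))
    if rule is None:
        return None                  # untagged or unknown origin: fail closed
    if target_region in rule.home_regions:
        return dict(entry)           # the full record may live in this region
    view = {k: v for k, v in entry.items() if k in rule.exportable}
    return view or None              # nothing exportable: do not replicate at all

def may_administer(admin, origin):
    """Check an administrator against the citizenship rule for a data set."""
    rule = RULES.get(origin)
    return rule is not None and (
        not rule.admin_citizenship or admin["citizenship"] in rule.admin_citizenship)

def plan_replication(entries, regions):
    """Map each region to the (possibly filtered) entries it is allowed to receive."""
    plan = {r: [] for r in regions}
    for e in entries:
        for r in regions:
            view = replica_view(e, r)
            if view is not None:
                plan[r].append(view)
    return plan

# Constructed sample directory entries.
ENTRIES = [
    {"uid": "a.schmidt", "origin": "DE", "display_name": "A. Schmidt", "mail": "a.schmidt@example.de"},
    {"uid": "j.kim", "origin": "KR", "display_name": "J. Kim", "mail": "j.kim@example.kr"},
    {"uid": "m.jones", "origin": "US", "display_name": "M. Jones", "mail": "m.jones@example.com"},
    {"uid": "unknown", "display_name": "No origin tag"},
]
REGIONS = ["de-frankfurt", "kr-seoul", "us-east"]
```

Calling `plan_replication(ENTRIES, REGIONS)` gives the per-region replication plan; the entry without an origin tag is replicated nowhere, which is the fail-closed behaviour a sovereignty filter needs.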
The following diagram shows an example solution utilising all of the above concepts.
IT teams facing data sovereignty and data protection issues should not view the cloud as a challenge to be overcome, but as a partner to be embraced. The technology and best practices exist to gain all the benefits of cloud computing while ensuring the protection, privacy and authorised access to sensitive and regulated data.