Posts Tagged ‘data protection compliance’

Data Sovereignty in the Cloud

Mat Hamlin

Director of Products for Spanning by Dell EMC
Mat is the Director of Products for Spanning by Dell EMC. He is responsible for the overall direction and strategy for Spanning's suite of SaaS backup and recovery solutions. His career in technology spans five startups and two large organizations, all in Austin, TX. Mat started out in product support and training, then engineering leadership and for the past nine years has been focused on product management and product marketing. Prior to joining Spanning, Mat served as Sr. Product Manager for SailPoint Technologies and Sun Microsystems, contributing to their market-leading enterprise identity management solutions.

The requirement to comply with data protection and privacy laws, like the EU’s General Data Protection Regulation (GDRP) and Australia’s privacy laws, drive the need to evaluate where enterprise organizations are storing their data in cloud data centers. If your organization hosts your own data centers, this can be challenging if you are multinational, but it can be just as difficult when you rely on SaaS providers to manage your data since the control of your data destination is a bit out of your hands.

dp-compliance

If you’re using a SaaS application, such as Office 365 or Salesforce, and are backing up your data with a third-party backup provider, there are many factors to consider as you evaluate your data protection strategy. Understanding the regulations and requirements first and then considering how the providers handle your data are both important.

What privacy laws apply to my organization?
As you build a cloud and data protection strategy, start by evaluating the privacy laws that apply to your data and corporate policies, and compare that against your SaaS provider’s offering, including the primary data storage location and their replication strategy.

My strong suggestion is that you work directly with your audit, compliance and legal teams to ensure you fully understand the regulations that could be applied to you directly or indirectly through business relationships with organizations in other regions.

Generally, global privacy and data protection laws provide strong frameworks and mechanisms to transfer personal data to other countries and economic regions if required, but the regulations are typically strict and the penalties can be costly. As a result, many organizations decide to enforce data governance policies that ensure data remains within defined boundaries. (more…)

SUBSCRIBE BELOW

Categories

Archives

Connect with us on Twitter

Click here for the Cloud Chats blog