Cloud Hosting

Historically, global organisations have had to make a trade-off between the agility and collaboration benefits of the cloud and maintaining data sovereignty, security, and control.But this is no longer the case: you can have the best of both worlds.

There are simple ways that organisations can take complete control of the data they store and share in the cloud, ensuring that sensitive data can only be accessed by the people and systems that have been granted the authority to do so.With this level of control, you can maintain data sovereignty and residency, as well as implement a zero-trust architecture, while using the cloud providers of your choice.

A company based in Europe may find itself in a situation where its required to hand over its customer data to the US government. Why? Because: (a) the leading cloud providers are predominantly US-based and subject to various laws requiring cooperation with US local and federal government entities, and (b) there is currently no multilateral privacy framework.

The absence of a global privacy framework has caused governments to take different legal and policy approaches to data, and with this, privacy has become a polarising issue for global businesses.

However, while the system of national and regional law continues to evolve, companies are demanding flexible and universally compliant cloud enablement tools right now: to enable their full participation in the global economy, maintain the benefits of the public cloud and provide complete control over data access.

Cloud providers have taken steps to strengthen data residency and sovereignty, such as defining regions and zones for data storage and processing. But this approach is incomplete, and depending on the location of your organisation, the capabilities can vary. For example, GPUs may not be available in some regions.

In a world where speed, efficiency and collaboration are table stakes for innovation, global companies need a better option. You shouldnt have to sacrifice productivity for security and control of your own information.

Implemented correctly, end-to-end encryption of sensitive data can not only shield data from unauthorised access, but it can also give you complete control over that data as it travels and is shared.

The European Data Protection Board has identified end-to-end encryption as an effective means of securing data while leveraging a third-country service provider, so long as that encryption and its algorithm are robust; that the encryption is applied for the entire time period that the data must remain confidential; and the keys are reliably managed and controlled by the data owner.

End-to-end encrypted data is protected before it hits the cloud providers server, shielding sensitive data from anyone without authorised access including the cloud provider themselves. When you control the encryption keys, only you can decide who to grant access to your sensitive data.

The result is that your most important asset your data remains secure and fully under your control, while giving you the ability to leverage the cloud provider of your choice, even if theyre located in the US.

If your data is protected by end-to-end encryption and shielded from the cloud provider, you dont have to worry about whether foreign governments subpoena your information, because while the cloud provider may be forced to turn over the information they have, that information is incomplete: it does not include the true, meaningful contents of that data, because they dont have the keys to whats inside.

Not all encryption providers are created equal. In a rapidly evolving global cloud landscape where cyber threats are continuing to escalate, youll want to consider the following:

Renaud Perrier is senior vice-president, international, at Virtru, a specialist in encryption standards and technology.

More here:
Achieving agility, collaboration and data control in the cloud - ComputerWeekly.com