The term seems to have taken on a life of its own, but when we talk about data sovereignty, we are talking in legal terms about data management – specifically whether our data meets the country specific regulations in which it is processed or collected. This is not about data residency, but about the regulatory backdrop to all our business data, wherever it may be.
Michael Cantor, CIO, Park Place Technologies.
The fact that the World Economic Forum estimates over 92% of all data in the western world is stored on servers owned by US-based companies, underscores anxieties over the location and ownership of data. As cloud storage booms and data sets grow businesses are confronted with increasingly complex data landscapes, often spanning multiple geo-locations.
While data might be collected by a US provider, its customers may reside in Spain and the backup may take place in Ireland – and the data must be compliant with all three countries’ local data sovereignty rights. It gets complex very quickly and the UK’s Brexit added additional spice to the conversation.
Regulations and data reform
In a recent Queen’s Speech delivered by Prince Charles to the House of Commons, he nodded to the upcoming legislative agenda on Data Reform. Since Brexit, the UK has been examining possible deviations from the highly complex General Data Protection Regulation – legislated by the EU in 2018. As we anticipate simpler rules – around personal data protection and how data can be leveraged to increase the competitiveness of UK businesses, to boost the economy – the reality is that with good healthy data strategies in place, these changes shouldn’t rock the boat.
But regardless of the UK’s pro-competition approach to loosening regulations, we are still transacting with multiple regions everyday – as we ultimately live in a global, though increasingly bordered digital world. The bottom line is that those businesses practicing good cyber hygiene, applying the most stringent data sovereignty laws consistently across their business, will be best placed to keep up with the challenge. As laws evolve, businesses scale and new cloud applications come on stream it is imperative that investments are made in human and technological resourcing to keep up.
Those who invest in Discovery and Maintenance will lead the way with automated discovery of all physical, virtual and cloud assets, enabling businesses to understand what sits where at all times. This creates the necessary agility to respond to changing legislations and adapting to future sovereignty challenges. With these vital services running, it should require a mere tweaking of an already agile data strategy to remain compliant.
This is particularly pertinent when it comes to automated back-ups adding to the data sprawl in the enterprise cloud, getting to grips with data assets in a fast-paced M&A environment and acquiring new AI-driven technologies. There is no business left untouched by the demands of data sovereignty.
A holistic, accurate listing of all IT assets across a business’ hybrid cloud infrastructure is crucial. A high caliber service provides customers a single source of trust, allowing them to better understand their full hardware and software asset inventory, data center dependencies and warranty details. By investing in simplified IT management services, CIOs can boost staff efficiencies while reducing the cost of operations. Which is better for business all around.
Meanwhile, when it comes to data access and security, businesses with automated discovery and maintenance can extract scanned data and populate an accessible repository – securing scanned data with portal access and reporting. Automating the process of discovering and identifying infrastructure topology (storage, server, network, applications), dependencies and relationships as well as individual assets based on asset class (server, storage, network), OEM, serial number, model number, and other asset data helps to streamline the data management.
Together, with agile data strategies and cyber hygiene at the core – businesses can stay on top of their data sovereignty challenges. Cloud services are part of the solution. But a consistent approach across the business is vital too. Whatever jurisdiction a business works in – whether like the UK, it looks set to loosen up regulations or not – preparing to maintain compliance with the most stringent regions is a smart move. With the right tools, skills and behaviors on board, its just another shimmy in the digital transformation journey.