Moving to the Cloud: 3 Ways to Ensure Data Sovereignty - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

03:00 PM
Allan Leinwand, ServiceNow CTO
Allan Leinwand, ServiceNow CTO

Moving to the Cloud: 3 Ways to Ensure Data Sovereignty

Navigating the maze of data sovereignty laws can be intimidating, organizations should not let this deter them from making the move if companies do their due diligence.

In the beginning, the cloud was somewhat of a mystery.  This seemingly magical technology has transformed the way many organizations operate, and companies around the world are taking advantage of all that the cloud has to offer.  Yet despite the implications of its name, the cloud is a very physical and hardware-centric technology. With this physicality comes a unique set of challenges, particularly in regards to data sovereignty.

Companies eager to migrate to the cloud are finding that the question of where their data will reside is not as simple as it used to be.  In the past, the idea of letting data, especially sensitive information, outside of its walls was out of the question.  Now, with data stored in the cloud, companies are faced with local data regulations and maintaining cross-border data and compliance. The rapid adoption of cloud-based technologies and expansion of cloud service providers across the globe is making the physical aspect of the cloud a much bigger issue for companies migrating to the cloud.  Adding to the confusion is that there is no standard set of rules or requirements when it comes to privacy and data hosting.  This means companies are subject to their state or country’s data sovereignty laws which vary from place to place.

Even with the technical and legal challenges of moving on-premises systems and information stores to the cloud, companies recognize the many benefits the cloud has to offer and are moving forward.  To avoid the headaches of complying with data sovereignty, companies need to know the location of their data, do their homework, and put transparency above all else.

Location is key

Because data sovereignty laws vary from region to region, companies need to identify a provider with data centers that comply with all applicable data sovereignty laws.  The locations of their data centers are key to this process as well as the provider’s agility and flexibility in regards to the physical location of the data.  If a provider does not have a large enough network they may not be able to ensure complete compliance with data sovereignty.

 Also worth noting is how companies working in the government or healthcare industries are often subject to stricter data sovereignty laws.  For instance, some federal agencies within the United States require their data be stored exclusively within the US. Companies should consider and evaluate providers that specialize in these industries.

Do your homework

When working with customers on their cloud migration strategy, they often will tell me that they can’t migrate to the cloud because of concerns over the physical location of data.  Before making that determination companies need to do more research, read the fine print of their cloud contract, and ask the right questions.

When moving data to the cloud, companies need to dig deeper in their research and line of questioning.  Start with the basics, followed by the tougher questions.  Often, the answers will reveal red flags suggesting that they are not in compliance with their region’s data sovereignty laws and need to reassess their approach to adopting cloud-based services.  Companies should consider asking the following questions:

  • What types of services is your company using, and where does all the physical data reside? 
  • Can they exchange email or other communications with entities outside of the company or region?
  • Do they store any data outside of the company or country with partners or suppliers? 
  • Do they use any other cloud services?

Allan Leinwand, ServiceNow
Allan Leinwand, ServiceNow

Priortize transparency

One of the biggest hurdles we see companies have to overcome when migrating to the cloud is accepting that their data will no longer be under their control.  To help companies be more comfortable with having confidential information outside of their power, providers need to be more transparent.  Companies should, therefore, look for a provider that will give them greater visibility and access.  This transparency will go a long way with earning customer trust and confidence in the cloud.

The cloud is changing the way companies get work done, making it the defacto standard for many organizations’ IT infrastructure.  While navigating the maze of data sovereignty laws can be intimidating, organizations should not let this deter them from making the move.  If companies do their due diligence and get the right help, they will have a smoother transition to the cloud. 

Allan Leinwand is chief technology officer at ServiceNow, the enterprise cloud company. In this role, he is responsible for overseeing all technical aspects and guiding the long-term technology strategy for the company.

Before joining ServiceNow, Leinwand was chief technology officer – Infrastructure at Zynga, Inc. where he was responsible for all aspects of technology infrastructure used in the delivery of Zynga’s social games including data centers, networking, compute, storage, content distribution and cloud computing. Leinwand currently serves as an adjunct professor at the University of California, Berkeley where he teaches on the subjects of computer networks, network management and network design. He holds a bachelor of science degree in computer science from the University of Colorado at Boulder.

The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
Tech Spending Climbs as Digital Business Initiatives Grow
Jessica Davis, Senior Editor, Enterprise Apps,  4/22/2021
Optimizing the CIO and CFO Relationship
Mary E. Shacklett, Technology commentator and President of Transworld Data,  4/13/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll