Data Sovereignty in the Cloud: Why somewhere in the cloud doesn t work anymore

Similar documents
General Data Protection Regulation (GDPR) The impact of doing business in Asia

General Data Protection Regulation (GDPR) and the Implications for IT Service Management

OBTAINING CONSENT IN PREPARATION FOR GDPR

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

EBOOK The General Data Protection Regulation. What is it? Why was it created? How can organisations prepare for it?

This guide is for informational purposes only. Please do not treat it as a substitute of a professional legal

G DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know

NetApp Private Storage for Cloud: Solving the issues of cloud data privacy and data sovereignty

To help customers achieve GDPR compliance, Freshchat has introduced the following new features:

Accelerate GDPR compliance with the Microsoft Cloud

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

How to work your cloud around the UK ICO s Data Protection Act

Intermedia s Private Cloud Exchange

Adtech and GDPR What to consider when choosing your partner

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE

PS Mailing Services Ltd Data Protection Policy May 2018

Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation

City, University of London Institutional Repository. This version of the publication may differ from the final published version.

IaaS Framework Agreements Pan-European Cloud Services ready for adoption

What is cloud computing? The enterprise is liable as data controller. Various forms of cloud computing. Data controller

In this unit we are going to look at cloud computing. Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing,

General Data Protection Regulation (GDPR) NEW RULES

General Data Protection Regulation (GDPR)

Domain Registrations. Shared Hosting. Office 365 and Hosted Exchange #DOMAINS #HOSTING #

EU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017

Changing times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon

EGI-InSPIRE. Cloud Services. Steven Newhouse, EGI.eu Director. 23/05/2011 Cloud Services - ASPIRE - May EGI-InSPIRE RI

AIRMIC ENTERPRISE RISK MANAGEMENT FORUM

At Sound United, we re committed to protecting and respecting your privacy.

Forms. GDPR for Zoho Forms

DATA PROTECTION BY DESIGN

General Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant

EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know

A Practical Look into GDPR for IT

Overview of Key E.U. and U.S. Privacy and Cybersecurity Laws. Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018

MEETING DATA PRIVACY AND SOVEREIGNTY CHALLENGES IN THE CLOUD ERA

Cisco Spark and GDPR. Thomas Flambeaux. Collaboration Consulting Solution Engineer, Security and Compliance. Cisco Connect 2018 Copenhagen April 12th

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

THALES DATA THREAT REPORT

European Directives and reglements for Information security

Our agenda. The basics

Agenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2

Cybersecurity Considerations for GDPR

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds

An introductory look. cloud computing in education

The Apple Store, Coombe Lodge, Blagdon BS40 7RG,

IEEE GDPR Implementation & NTC

GDPR & FOSS. Marc Jones CIPP/US, CISSP Compliance Engineer & In-House Counsel

This presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.

STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

GDPR RECRUITMENT POLICY

EUROPEAN COMMISSION DIRECTORATE-GENERAL INFORMATION SOCIETY AND MEDIA

Google Cloud & the General Data Protection Regulation (GDPR)

When you submit material to the Lest We Forget project you are accepting and consenting to the practices described in this policy.

VISTRA MONACO PRIVACY NOTICE

H2020 & THE FRENCH SECURITY RESEARCH

GDPR and DPO. DPO and DPM. Michel Gerdes DPO DFN-CERT Services GmbH DFN-CERT Services GmbH GDPR and DPO: Slide 1

VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe

Leveraging the Cloud for Law Enforcement. Richard A. Falkenrath, PhD Principal, The Chertoff Group

SAFE-BioPharma RAS Privacy Policy

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions

Data Protection and GDPR

Cloud Computing: A European Perspective. Rolf von Roessing CISA, CGEIT, CISM International Vice President, ISACA

GDPR: A QUICK OVERVIEW

GDPR. The new landscape for enforcing and acquiring domains. You ve built your business and your brand. Now how do you secure and protect it?

WHITE PAPER. Meeting GDPR Challenges with Delphix. KuppingerCole Report

CLOUD BACKUP. The simple guide to avoid losing digital assets in the cloud age

Georgia Institute of Technology EU GDPR Lawful Basis Form

Richard Curran :Security Officer EMEA. Mario Romao : Senior Manager Policy, Intel

PRIVACY NOTICE (TIER 4)

Data Processor Agreement

Data Management and Security in the GDPR Era

Data Privacy in Your Own Backyard

GDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY. A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018

Web-Accessibility as a human right

Bisnode View Why is it so damn hard to piece together information across the enterprise?

Cloud28+ Compliance in Cross Border Business

RIPE NCC Update. Kaveh Ranjbar Chief Information Officer RIPE NCC. Kaveh Ranjbar 22 February 2018 APTLD

Data Privacy Statement for myportal to go

The Cyber Savvy CEO Getting to grips with today s growing cyber-threats

IBM Compliance Offerings For Verse and S1 Cloud. 01 June 2017 Presented by: Chuck Stauber

GDPR Action Plan: How Comms Teams Should Prepare

Data Security and Privacy at Handshake

13303/17 CB/ek 1 DGE 2B

EU-US PRIVACY SHIELD POLICY (Updated April 11, 2018)

Best Practices in Securing a Multicloud World

e180 Privacy Policy July 2018

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

Privacy and Cookies Policy

GDPR Compliance. Clauses

Data Protection. Code of Conduct for Cloud Infrastructure Service Providers

PSD2 & OPEN BANKING Transform Challenge into Opportunity with Identity & Access Management E-BOOK

ehaction Joint Action to Support the ehealth Network

Data Governance for GDPR Compliance: Principles, Processes, and Practices

A practical approach towards Big Data in the context of the upcoming EU data privacy and data protection regulation.

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

Business Technology Briefing: Fear of Flying, And How You Can Overcome It

CAN MICROSOFT HELP MEET THE GDPR

Transcription:

Data Sovereignty in the Cloud: Why somewhere in the cloud doesn t work anymore

Hello from Zettabox! Alexander Guy Head of Growth and Business Development Zettabox alex@zettabox.com @alexanderwguy19 2

The Plan 1 Current Cloud Storage Market Strengths 2 Data Sovereignty and Protection in 2016 3 Criticism vs. Control in the Cloud 4 What does this mean for NRENs? 2

1 Current Cloud Storage Market Strengths

Cloud Storage benefits Remote access to content Multi-device functionality Ability to share files and collaborate easily Easy to use interface and apps Increases teamwork and collaboration 5

Current Market for Cloud Storage 6

But where is your data? My data? I don t know. Somewhere in the cloud. 7

The Problem Regulators across the European Union and beyond are mandating that organizations prove consumer data remains in-country. 8

2 Data Sovereignty and Protection in 2016 9

So what is Data Sovereignty? Data sovereignty is the concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located. (source) 8

GDPR is a step to ensure Data Sovereignty in Europe General Data Protection Regulation (GDPR) is a recently ratified law intended to standardise data protection, storage and privacy in the EU. Signed into law last week, the GDPR was developed with cloud providers and personal data in mind. The GDPR will give users back the right to decide on their own private data, including by strengthening rules on data subject consent and on processing of sensitive data. The next phase of the cloud will allow customers and companies to choose where their data is stored. 8

What is at stake? There s no United Nations of data; each country is looking at its own specific types of data. The only way to deal with it is to store specific data in-country. -TechCrunch 2015 7

3 Response to Data Sovereignty Laws

Microsoft and Deutsche Telekom 8

Is a data trustee enough? Last November, Microsoft publicly made waves when they announced Deutsche Telekom would be their data trustee in Germany, an attempt by the company to store German customers data in the country. Yet, the data centres where this data is stored are still owned by Microsoft, raising questions as to who actually owns the customer and if regulators will indeed be satisfied. Microsoft s insistence that it cannot access data without the consent of the trustee is at odds with the US Attorney General who has repeatedly affirmed the American government s right to extract data from American-owned company s data centres. The uncertainty around this issue creates an opportunity a wholly European solution that prevents this practice. 8

Critics of Data Sovereignty 1 2 3 4 It s expensive It takes too much time to migrate I don t really care if someone looks at my data No one will be able to enforce it 8

Let s break that down All major cloud providers operate at the same cost base. Europeans providers are beginning to match this across IaaS and SaaS sectors. Migrating from one software to another is about the same burden everywhere. Adopting GDPR-compliant tools will not take more time than alternatives. Compliance is different across sectors and industries. Businesses and consumers in the Sensitive Data Storage space, Data Sovereignty is a form of protection. Governments across the EU are addressing data sovereignty laws rapidly in the post- Safe Harbour world. The enforcement question will be answered soon. 8

4 What does this mean for NRENs? 18

Protecting Academics, Researchers and Staff CLOUD STORAGE & BACKUP COMPLIANT WITH EU DATA PROTECTION/ SOVEREIGNTY RULES NO 3RD PARTY MONITORING/ DATA MINING OF CUSTOMER DATA PROTECTION OF INTELLECTUAL PROPERTY & RESEARCH BUILT-IN PRIVATE, CONTENT- CENTRED MESSAGING MAINTAINING THE RIGHT TO BE FORGOTTEN & TOTAL CONTROL OF IDENTITY 8

Looking ahead to 2018 when GDPR comes into effect 1 2 3 4 5 6 Tougher contractual clause rules Proliferation of Local Clouds Privacy Shield comes under fire Clamping down on shadow IT practices Right to be forgotten fight intensifies Expanded power of associations 8

But there is good news! Cloud companies across Europe are beginning to address the issues of data sovereignty and ownership in the cloud. 1 2 3 4 Major cloud providers are starting offering EU companies and consumers more control of their cloud storage location. Previous data protection regulation was in place for 15 years. After this change, the law is unlikely to alter substantially for at least a decade. From a user perspective, access to compliant services is only getting easier, with adoption simple and fast. Options that meet data sovereignty are already available, offering locallyhosted cloud storage across the EU. 8

Questions Q & A James Kinsella THANKS FOR LISTENING WE LL BE ANSWERING QUESTIONS NOW 16 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback