Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The complexity of data sovereignty in a multi-polar world

Issue 6 2023 Infrastructure


Andrew Cruise.

“The importance of data sovereignty and security creates complexity in a world where sharing such information across borders generates huge social and economic benefits,” says Andrew Cruise, Managing Director of Routed. It is clear that in the digital age, data sovereignty is becoming more important, as data is increasingly generated and collected through a variety of channels, including e-commerce, social media platforms and mobile devices.

Essentially, data sovereignty is a phrase that describes the principle that a country has the authority and right to govern and control the data generated within its borders. Thus, the concept of data sovereignty gives governments the power to regulate the collection, storage, processing, and distribution of any data that originates within their borders.

Obviously, this will have an impact on cross-border data flows and international data-sharing agreements. Remember that different countries adopt different data sovereignty policies, but broadly, they are about demanding that data generated within the country be kept within the borders for security or regulatory purposes.

Complicating the situation is the recognition that data access and the sharing of such information across borders generates social and economic benefits of somewhere between 2,5% and 4% of GDP. In addition, data transfers of this nature also enable a wide variety of other critical activities, such as the sharing of essential information related to crime prevention, scientific research and innovation, anti-fraud and money-laundering activities, disaster management and even climate change.

It is worth paying close attention to data sovereignty, not only from the point of view of safeguarding private data, but also to avoid liability issues related to legal violations associated with a failure to protect personal information.

A major reason for the complexity around data sovereignty is that the laws governing it vary greatly from country to country, as do cloud service providers’ agreements concerning privacy policies and user rights. Therefore, organisations operating across multiple countries or regions must understand each country’s regulations to comply with all applicable laws.

In fact, ultimately, there are multiple differing definitions of exactly what constitutes ‘data sovereignty’, and it is vital that we obtain some form of industry-wide collaboration in defining and upholding the principles of data sovereignty.

Recognising the complexities of data sovereignty, VMware notes that the answer lies in sovereign cloud deployment, as this is an option that is inherently more secure and offers better data integrity and data assurance.

To this end, VMware is making efforts to promote Sovereign Cloud Partnerships and the criteria they use to select providers, but at the same time, it seeks to limit the number of providers in each region - thus ensuring the rarity of the ‘cloud sovereignty’ badge.

Among VMware’s requirements are for such service providers to have locally sited data centres and, in terms of data security, for them to be ISO and payment card industry data security standard (PCI-DSS) compliant - both areas where Routed has met requirements.

It already segregates management networks from production networks, storage traffic from a host strategy, and even separates host traffic from public-facing web traffic. In addition, we have multi-factor authentication (MFA) in place and have been leveraging the principle of least access from the very beginning. Routed has been highly conscious of implementing security best practices on its infrastructure from the outset.

Moreover, while the company may have secured our back end, poor security measures further down the value chain, like leaving ports open on firewalls, are difficult to mitigate against. However, when it comes to issues of data resilience and data integrity, this requires that backup and replication products be available to assist in a disaster recovery scenario.

Ultimately, there is no one true definition of what data sovereignty is, but it will always entail data locality within sovereign borders, data security and data integrity.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...
Power surges are killing our networks
Duxbury Networking Infrastructure
With power surges and lightning strikes becoming an all-too-familiar threat to South African infrastructure, Duxbury Networking is calling on local installers and network integrators to follow proper grounding protocols.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.