Here, there, everywhere: Data residency and the public cloud

Grazed from ComputerWorld. Author: Steve Pate.

It’s 10:00 PM. Do you know where your data is? Is it nestled securely within the firewalls of your data center, or is it more adventurous, spanning the boundaries of various public clouds? Cloud adoption continues to grow at unprecedented rates, raising concerns about data privacy and also about data residency, especially for organizations considering Infrastructure as a Service (IaaS) in a public cloud.

I recently attended a presentation by a large cloud service provider (CSP), who proudly explained that they immediately make three copies of customer data, placing them in disparate data centers to ensure availability and disaster recovery. Because he was speaking to a room full of security people, it’s safe to say the audience quickly became more concerned than comforted…

There is a complex web of regulations and policies that govern data privacy. The most frequently cited are the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS). European data protection laws often go even further, prohibiting any personally identifiable information from moving outside EU or country borders. This puts some obvious limits on unrestrained use of the public cloud…

Read more from the source @ http://blogs.computerworld.com/cloud-security/22071/data-residency-and-public-cloud-why-you-should-care