A Framework for IT Infrastructure Decision-Making in a Post-Snowden World

Over the last few weeks, our coverage of data sovereignty and data custody has focused on introducing the issues, and why – whether your focus as an enterprise executive is on growing the business, or keeping it secure, or managing IT, it is imperative to understand the issues – as well as a discussion about how Edward Snowden’s leaks have brought the issues into the board room. (For the full story, download the whitepaper, C-Suite Primer on Data Sovereignty & Data Custody: What You Need to Know.)

There is no one-size-fits-all response to the dangers that data sovereignty and data custody issues pose for the enterprise. Addressing the issues is about making fully informed business decisions. Decisions about which locations you want IT infrastructure in, and which you don’t. About which infrastructure model best suits both your needs and the data sovereignty and data custody particulars of the location. About what kinds of security processes and due diligence procedures to put in place.

“As part of any migration to the cloud, enterprises need to ensure they are aware of and comfortable with the locations where the data will be stored and the legal implications associated with those locations.”[1]

The following table presents a framework for the sorts of business decisions an enterprise will face with each data sovereignty and data custody issue, and the solutions that the enterprise should consider.data-center-security-framework

In the context of data sovereignty and data custody, making the best IT infrastructure decisions for the business requires the ability to see and control where data is running and where it is stored – and who has access to it – at every location. That visibility and control is essential for the enterprise to be able to make fully informed decisions.

“CIOs want to see and control their data, down to the rack-level. Most public cloud deployments don’t offer their end-user visibility into where their data resides. In 2014, enterprise CIOs will look at providers who offer visibility and controls that enable policy-based compliance with respect to domain. Whether it’s corporate security standards or driving compute efficiency, the CIO will be expected to know where data resides and where specific applications are running at all times.”[2]

In the whitepaper C-Suite Primer on Data Sovereignty & Data Custody: What You Need to Know, you’ll learn:

  • What data sovereignty really means (there’s a lot of misconception) and about the related issue of data custody
  • How your IT infrastructure decisions are impacted by data sovereignty and data custody issues
  • How to make fully informed decisions even in the context of secret surveillance programs and sweeping new data privacy regulations

Download the whitepaper now.

 

[1] Liam Tung, “Cloud security challenges go all the way to the board,” ZDNet, 14 Apr 2014.

[2] George Slessman, “2014: The Year the Data Center Will Rule,” Wired, 6 Dec 2013.