As the urge to hoard becomes less and everyone becomes more comfortable using web services in the cloud to run applications and store data how confident are you as to where your data is and could it be viewed without your knowledge? Financial Services have always worried about which jurisdiction the hosting servers came under and whether they were covered under regulation plus enterprises are now beginning to ensure that there is data governance and ownership for all their data. However how often should you review this?
This week the European Court of Justice has ruled that the 15 year old deal between the US and Europe (The Safe Harbour Agreement) was invalid meaning that many Businesses will now be scrambling around to put replacement measures in place to ensure that correct privacy rights are in place plus asking “did we ever use a service that was covered by Safe Harbour in the last 15 years?”
Interestingly, the ruling was not brought about by a Business but an Austrian law student against Facebook following the Snowden NSA surveillance revelations. Does anyone really know when they download an App from Apple or Androids App Store where this data is being stored? Do organisations know where the live and DR servers are located for every cloud provider, hosting company or SAAS product just in case privacy laws change? Should we? As more and more technology moves to the cloud maybe providers will offer transparency as to where data is being stored so choices can be made however as IT becomes a Global commodity there certainly will not be data centres in ever jurisdiction on the planet any time soon so in the meantime just keep a note where you kept that data as you may need to review it sooner or later.