Why Data Residency Matters to Digital Business
Do you know where your data is? Most organizations don’t, but they want to. Today, cloud adoption continues to grow at unprecedented rates and businesses around the globe are increasingly concerned about where their data resides.
As organizations support borderless digital business scenarios and move customer-facing transactions to the cloud, there is a growing need to ensure that data is protected and complies with local data privacy laws. However, most businesses don’t necessarily know where their cloud providers host their data. As a result, organizations prefer to have sensitive and valuable data stored domestically to ensure best security practices. This is something that resonates well with many of the organizations we speak to around the world – particularly those in regulated industries where in-country access to data is often a requirement. Let’s face it, the cloud can be a compliance nightmare for IT professionals that have limited visibility into where data resides and how data is managed.
In his report on Five Cloud Data Residency Issues That Must Not Be Ignored, Gartner analyst Brian Lowans underlines the seriousness of data residency by stating, "It is really important to understand where data is stored, and to classify any data that is subject to regulatory or export controls. Enterprises need to put in place a corporate plan that reviews data compliance, government access laws and security requirements prior to negotiations with service providers."
How to mitigate data residency risks in the cloud
Data residency in the cloud is a challenge of global proportions. While some e-signature providers will claim that they are the "global standard", the reality is that they may only have data centers in one or two geographic regions and not have the infrastructure or capacity to scale their data centers and operations globally.
In recent news, OneSpan announced expansion into six new international markets by the end of 2015. In addition to existing deployments in the US and Canada, we will offer customers around the world access to both public and private cloud instances of OneSpan Sign in Australia, the UK, Germany, Japan, Singapore and Brazil.
Our customers have identified data residency as an important factor in taking their businesses digital – particularly when it relates to their customers' data. In regulated and compliance-driven industries such as financial services and life sciences, businesses want to know exactly where their transactional data resides – right down to the city, data center and even the serial number of the server. Through our strategic relationship with IBM, we have access to a level of transparency and granular control of data that is unlike any other e-signature solution. Furthermore, we not only allow organizations to scale operations quickly, both locally and abroad, but also leverage the most secure and compliant e-signature solution on the market.
Data residency extended to third party apps
SaaS vendors including Salesforce, Microsoft, Google and SAP have all announced the global expansion of their services in recent years. New data centers are appearing here, there and everywhere. Last year for example, Salesforce announced new data centers in Canada to support its growing Canadian customer base. This was great news for Canadian organizations who want more cloud computing but are increasingly concerned about where and how data is stored.
However, firms in Canada running Salesforce may unknowingly be connecting to apps that don’t necessarily meet their in-country data residency requirements. Fortunately, the rapidly growing cloud market in Canada is creating alternatives that keep data on Canadian soil. Enter OneSpan Sign for Salesforce. Our e-signature app for Salesforce provides organizations with the flexibility to connect to any global instance of OneSpan Sign – whether that’s in the US, Canada, or any of our new instances in Australia, the UK, Germany, Japan, Singapore and Brazil. Contracts, NDAs, and documents of all kinds that are delivered to your customers, partners and other stakeholders for signature via Salesforce reside wherever your internal IT policies dictate. We’re the only e-signature solution in the market to provide this level of global flexibility.
The bottom line
When transacting in the cloud, you want to be able to tell your e-signature provider that data has to be stored in "X" country and cannot be stored outside the borders of that country. Your vendor should be able to carry out those requirements like any other feature or capability they provide through their service. How does your e-signature vendor tackle data residency issues in the cloud?
To learn more about OneSpan Sign, download our beginner’s guide which introduces key concepts and considerations when creating digital business processes with e-signatures. Or, try our quick demo and send yourself a test document and experience how easy it is to e-sign.