EXPERT OPINION
risks . Consequently , security platform vendors must treat the protection of the personal data that their customers hold as a core responsibility .
Evaluating data security policies
The spate of recent supply chain cyberattacks , such as that experienced by SolarWinds in 2020 , has exposed potential vulnerabilities in providers across the globe . It ’ s imperative that organisations should evaluate the data security policies of all vendors as part of the procurement process . Ideally , they should be looking for security platforms capable of detecting and responding to such security threats , supporting and informing their own data security policies . In addition , EU-based organisations should be looking to select vendors that can help them from both a compliance and security perspective .
The overriding issue here is the protection of personal data , where it ’ s located and where it ’ s transported throughout the EU , and if it complies with regulations . Most large enterprises , regardless of whether they are based inside the EU , are international businesses , with cloud and IT infrastructures that span different geographies . They ’ re sensitive to the needs of their customers and appreciate the need to comply with the data regulations of the regions and markets they operate in .
When it comes down to managing the data of EU citizens or customer data within the EU , businesses need to ensure they have the correct legal frameworks and data provisioning services in place . This includes the ability to monitor and track data as it flows from one cloud infrastructure to another across the region . They need to be aware of its location and if it ’ s secure . All these points support the need to invest in a local data residence , or partner with a vendor that already has a local data storage facility in place .
Keep data closer to home
The privacy and protection of personal data is becoming increasingly important , especially for businesses in the EU . With the Court of Justice of the European Union and other regulatory bodies continuing to tighten controls on the storage and usage of EU citizens ’ personal data , data security is now – undeniably – everyone ’ s responsibility .
Organisations need to ensure their data is compliant – held within the EU ’ s borders and adequately protected .
Vendors need to step up and offer the security , assurance and autonomy their customers need for data sovereignty and regulatory compliance . This can be achieved by having a local data storage facility in place to manage the provisioning and processing of personal data . With the addition of XDR , it ’ s possible to add another layer of security , one that allows organisations to tackle threats head on , reduce risk and protect personal data . ◊
ORGANISATIONS NEED TO ENSURE THEIR DATA IS COMPLIANT – HELD WITHIN THE EU ’ S BORDERS AND ADEQUATELY PROTECTED .
42 www . intelligentdatacentres . com