Data privacy and localization rules intended to protect data also restrict how and where organizations can store and move their data. 75% of countries have some level of data localization rules, which may include data residency as well as prohibiting cross-border movement. As a result, these laws can make it difficult for organizations to operate in certain locations with strict laws. A lack of experienced compliance personnel also makes organizations hesitant to operate in locations where they lack sufficient local knowledge. Organizations need to be able to react quickly and efficiently to changing regulations and technology, meaning their data must be portable and interoperable.
VMware Sovereign Cloud helps organizations future-proof their cloud infrastructure with data independence and mobility. Data can be shared and migrated as needed to respond to changes in technology or geopolitics. A sovereign cloud is compatible with multi-cloud or hybrid cloud strategies and is separate from the underlying infrastructure, preventing vendor lock-in. Workload migrations into or out of a sovereign cloud are secure, allowing organizations to deploy and move data anywhere as needed.
Data privacy and localization rules intended to protect data also restrict how and where organizations can store and move their data. 75% of countries have some level of data localization rules, which may include prohibiting cross-border movement.1
The combination of changing laws and a lack of experienced compliance personnel can make organizations hesitant to operate in locations where they lack sufficient local knowledge. Organizations need to be able to react quickly and efficiently, meaning their data must be portable and interoperable.
Satyajit Parekh, et al., “Localization of data privacy regulations creates competitive opportunities”, McKinsey, June 2022.
More than 50 countries now have regulations to control how data travels across national borders, meaning that meeting data residency requirements alone is no longer sufficient.
Because these regulations continue to change rapidly and have such vast impacts on businesses, organizations must future-proof with flexible data infrastructure. They must also partner with experts to ensure they’re complying with restrictions on cross-border movement of data. Sovereign cloud provides a modern architecture to make changes as needed for compliance quickly, backed by local experts to provide guidance.
Sovereign clouds are ideally part of a multi-cloud infrastructure that also includes public clouds for storage of non-sensitive data. Not only does this provide an efficient solution for organizations in terms of scale and cost, but it also allows sharing of data as needed, such as using public cloud data sets in sensitive data analysis or sending anonymized sensitive data to the public cloud or another entity. Thus, a sovereign cloud provider must be able to support multi-cloud and hybrid cloud environments with complete interoperability.
Data independence is also needed for a successful sovereign cloud implementation. It lets you keep data separated from the applications that use it, meaning that any changes in the data structure won’t impact the application, improving performance, security, and flexibility.
Portability is another key consideration when looking for a flexible sovereign cloud provider. This allows you to avoid vendor lock-in by being able to migrate workloads as needed. Without portability, your application or service may end up stuck with a provider that doesn’t have the latest features. Support for containerization of applications also makes migration simpler.
Data portability is also a right of individuals under regulations such as GDPR. Under the regulation, individuals are permitted to export, receive, or expunge data held about them. Therefore, your data must be stored in a structured, common, and machine-readable format to enable this portability.
It is important to remember that an IPS is only one part of a robust security solution—it needs to work with other technology for maximum effectiveness. In fact, intrusion prevention systems are often offered as one capability of a unified threat management or next-generation firewall solution, although they can also be standalone offerings. In a typical security architecture, the IPS usually sits just behind the firewall and works in tandem with it to provide an extra level of security and catch threats that the firewall can’t catch on its own. An IPS also helps protect other security controls from attack, as well as improving performance for those controls by filtering out malicious traffic before it reaches them. Most importantly, an IPS provides an additional layer of security by identifying and filtering out threats that other parts of the security infrastructure can’t detect.
As data privacy and security threats become more prominent and severecritical, it's important to have a data mobility strategy in place. Sovereign cloud providers comply with local and international regulations to ensure your data is kept safe and secure. Engaging with a trusted Sovereign Cloud provider with expertise in data privacy, data security, data residency, and data mobility can help guide you towards a robust data protection plan.
With a VMware Sovereign Cloud provider, you can follow these best practices:
- Data remains under sovereign control and avoids compelled access by foreign authorities
- Ability to use public clouds without risking exposure of data or metadata
- No dependency on any non-sovereign vendors
- Future-proof and interoperable to avoid vendor lock-in
- Stay compliant with changing regulations, security threats and geopolitics
- Seamless portability and interoperability for freely deploying and moving data anywhere
- Utilize containerized apps on any cloud infrastructure running Kubernetes