October 14, 2015 | by Brian W Levine
Questions to Ask Your Cloud Service Providers after Safe Harbor Ruling
While many SaaS businesses are scrambling to respond to the latest decision by the European Court of Justice (ECJ), at Syncplicity by Axway it is business as usual for customers that wish to store data locally, in their region of choice. In case you missed it, on October 6, 2015, the ECJ issued a ruling, which invalidates the long-standing US Safe Harbor framework, which allowed companies to transfer personal data from the EU to the US.
While the latest ruling does not make data transfer from the EU to US illegal, it creates uncertainty for companies working with US cloud providers that do not provide European cloud storage options.
The good news for Syncplicity by Axway customers is that it is business as usual. Syncplicity by Axway has always provided enterprises with a policy-driven Hybrid cloud, which enables organizations to determine which data is stored in a public cloud, which data is stored in a private cloud, and under which national sovereignty that data should remain. By choosing the physical geography of their Syncplicity by Axway StorageVault, customers that store personal information may avoid the concerns of transatlantic data transfer.
Organizations looking to leverage the cloud should ask the following questions when selecting an Enterprise File Sync and Share (EFSS) or Cloud Content Management solution.
• Does the provider offer a choice of storage location? Most SaaS providers do not offer a choice of where the data should physically reside. Syncplicity by Axway does not believe in a one-size fits all approach. Multi-nationals and State agencies need the flexibility to retain data in the region of their choice. Syncplicity by Axway’s policy-driven Hybrid cloud solves the challenge by allowing customers to use the right storage location based on the end-users’ personal characteristics such as business role or nationality.
• Are files stored in a public, multi-tenant cloud or in a private, single-tenant cloud? While some vendors are scrambling to react and planning to offer cloud storage in European data-centers, it is clear that their customers’ data will be collocated and compute resources will be shared with many other parties. Syncplicity by Axway’s Hybrid StorageVault allows maximum visibility and control by providing a private, single-tenant cloud to host sensitive datasets.
• Does the cloud vendors’ security model scale to the size of your business? Storage choice is irrelevant if your provider’s access control rules follow a one-size-fits-all approach. Syncplicity by Axway’s group-based policies provide the flexibility to set more secure rules on sensitive business groups such as the C-Suite and Engineering, while allowing a more open sharing model for customer-facing Sales and Marketing teams.
• Is the vendors’ cloud the single source of truth for authentication and authorization? While all cloud service providers offer single-sign-on (SSO), Syncplicity by Axway’s StorageVault Authentication adds a unique, secondary control to verify the end-user’s identity. Which means if the integrity of the cloud authentication is somehow compromised, your private data is still secure and cannot be accessed by a privileged insider or government agency.
Our many European customers have been down this decision path in anticipation of the latest Safe Harbor ruling. In addition to these controls, customers have reviewed our standards for handling personal data and performed their own in-depth security analysis on our systems.
We continue to work closely with our customers’ Legal and Privacy teams throughout Europe to determine what additional capabilities we can provide to best meet their legal requirements. We are confident we will continue to lead the industry in 2016 with our cloud architecture and the choice provided by our Hybrid Cloud.
comments powered by