In which region/country is my data stored?
Many cloud providers have data centers deployed across multiple regions. The physical distance between the user and the data center still matters, even over high-bandwidth connections, because of network latency. High latency causes data transfers to time out and applications to break down, so one would always prefer to have the data stored in one’s own region. Additionally, companies that are spread out over multiple regions (e.g., North America and Europe) have other considerations that would require data to be replicated across multiple regions. This is also sometimes done for redundancy or disaster recovery purposes.
Service-Provider Legal Residence
In which country is my cloud provider registered?
Data residency, or where the data is physically stored, is not the only aspect influencing sovereignty. Even if the data is stored in your own country but the provider hosting it is a company subject to foreign laws, your data may be accessible to foreign governments under various laws of information disclosure, or it may be disclosed to certain parties in case of a lawsuit. Check your service provider’s legal status if it’s important to you not to have your data exposed to such disclosures.
Data Center Best Practices
In what type of data center(s) is my data stored?
It’s important to know that industry-standard security best practices are being applied to your data storage, and that includes both IT security and physical security measures. Details like 24/7 surveillance, anti-fire systems and multi-factor authentication for entry are to be expected. There are various types of certification for data centers, under which the facilities are audited to ensure compliance with best practices.
In what type of tenancy model is my data stored?
There’s a difference between the multi-tenancy model of public cloud, and the model now popularly called Virtual Private Cloud or VPC. In the normal multi-tenancy model, data is stored in the same logical system or “bucket” with other organizations’ data, and access to it is governed by access control mechanisms.
With a VPC, your data is stored in logically separate, fenced-off infrastructure that can be made accessible only via your VPN. This makes the VPC as secure as your own private data center environment, so even if access control mechanisms fail, your data can never be mixed with other data. By default, this also means you can encrypt your data with your own keys, and control every aspect of an encryption policy.
In what storage format is my data stored?
Common storage formats (both in and out of the cloud) include block, file and object storage. Cloud storage typically includes some variation of all three, but they are utilized for different purposes and applications. For most file services such as backup, file sync and share, as well as for storage of large amounts of unstructured data, object is the preferred format – for both its massive scalability and cost-efficiency. AWS S3 is an object storage system, as is OpenStack Swift.
Normally, storage format is not something cloud users need to concern themselves with – but if there are cost concerns and scalability expectations and you are using one of the lesser-known cloud providers, it is wise to verify that the storage format suits your needs.
How deep is your love for data?
Not everyone needs to dig through all these layers, but it’s good to know they exist. Cloud providers are not responsible for your data – you are. For best practices, use these questions as your checklist and revisit them every six months to make sure your data is still located where it should be and that you are meeting compliance requirements. Demystifying cloud storage to understand where your data really lives and how it affects data governance, security, integrity, sovereignty and compliance can remove some of the obstacles in adopting “the cloud” in an optimal way.
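The periodic review described above can be run as a script over a storage inventory. This is an added example, not part of the original article: it checks each service against the residency, provider registration, data center certification, tenancy and key-ownership questions and flags reviews older than six months. The policy values, field names and inventory records are constructed assumptions.

```python
from datetime import date

# Constructed policy for illustration; every value here is an assumption.
POLICY = {
    "regions": {"eu-west", "eu-central"},   # where data may reside
    "jurisdictions": {"DE", "FR", "IE"},    # where the provider may be registered
    "tenancy": {"vpc"},                     # accepted tenancy models
    "max_review_age_days": 183,             # about six months
}

# Constructed inventory: one record per storage service, replicas included.
INVENTORY = [
    {"name": "backups", "regions": ["eu-west", "eu-central"], "jurisdiction": "IE",
     "certifications": ["ISO/IEC 27001"], "tenancy": "vpc", "own_keys": True,
     "last_review": date(2024, 3, 1)},
    {"name": "file-sync", "regions": ["eu-west", "us-east"], "jurisdiction": "US",
     "certifications": [], "tenancy": "multi-tenant", "own_keys": False,
     "last_review": date(2023, 6, 1)},
]

def audit(store, policy, today):
    """Return the list of checklist findings for one storage service."""
    findings = []
    # Every replica counts: one copy in a disallowed region breaks residency.
    stray = sorted(set(store["regions"]) - policy["regions"])
    if stray:
        findings.append(f"residency: copies stored outside policy in {stray}")
    if store["jurisdiction"] not in policy["jurisdictions"]:
        findings.append(f"provider: registered in {store['jurisdiction']}")
    if not store["certifications"]:
        findings.append("data center: no audited certification on record")
    if store["tenancy"] not in policy["tenancy"]:
        findings.append(f"tenancy: {store['tenancy']} is not an accepted model")
    if not store["own_keys"]:
        findings.append("encryption: keys are not controlled by the data owner")
    age = (today - store["last_review"]).days
    if age > policy["max_review_age_days"]:
        findings.append(f"review: last checked {age} days ago")
    return findings

def audit_all(inventory, policy, today):
    """Map each service name to its findings; an empty list means it passes."""
    return {s["name"]: audit(s, policy, today) for s in inventory}

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY, POLICY, date(2024, 6, 1)).items():
        print(name, "OK" if not findings else findings)
```

The replicated "file-sync" record shows why the residency check runs over every copy: a single replica outside the allowed regions is enough to fail it.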
In the last few years, “the cloud” has become a household term, yet it’s not always as well understood as you might think. Used in this popular singular form, “the cloud” suggests that there really is a single, nebulous entity where computing resources and endless data storage magically reside. Of course, the reality is that the cloud is a network of data centers, and within those, a network of servers and storage nodes. The real mystery begins when organizations start taking a closer look at the cloud’s inner workings, asking such questions as: Where exactly does my cloud data live?
Understandably, many organizations are still wary of placing their sensitive data anywhere but in their own data centers. In that case, they know exactly where the data resides. However, there are reasons why enterprises – even in regulated industries – would want to use external cloud services – a move that doesn’t necessarily mean they lose sight and control of their data. In this slideshow, CTERA outlines five questions organizations need to ask before moving data to the cloud.