Where your cloud resides matters

Geographic location plays a significant role in establishing data protection obligations in the cloud.

And while many cloud services originated within the US, growing demand, global competition, and practical business models drive vendor proliferation of cloud services hosted across diverse geographic locations.

Unfortunately, conversations with end users and vendors suggest many organizations simply aren’t aware of where their cloud datacentres reside. This naive lack of information can be quite risky when the location of the datacentre triggers a number of privacy and data security requirements that — if not met — may just land you in jail, facing a stiff fine, or at the very least, navigating cumbersome compliance requirements.

Forrester’s recent research, Infrastructure-As-A-Service (IaaS) Clouds Are Local And So Are Their Implications, sheds some light on the impact of geographic location and provides a working map of today’s Public IaaS data center locations. This initial footprint is likely to change as demand continues to expand and I&O professional are well advised to track just where their data center exists in the cloud to understand how country specific regulations may impact business.

To help you grasp the varying scope of regulatory requirements at a high level, we’ve also created an interactive privacy heat map that denotes the degree of strictness — highlighting scope of protection, affected entities, ‘adequacy’ standards met, and heavily surveilled countries — across national data protection regulation.

Interactive Data Protection Heat Map