Digital transformation and migrating your data to the cloud has grown increasingly complex, with new policy and regulation springing up in recent years to better control breaches and privacy.
While there is no one-size-fits-all solution, the sovereign cloud may offer an answer to all manner of problem.
This according to Sumeeth Singh, cloud provider business head for Sub-Saharan Africa at VMware, who believes that the sovereign cloud could be better aligned to deal with issues raised by PoPIA, GDPR and the like.
“Cloud sovereignty refers to the jurisdictional control or legal authority that can assert data because it is subject to the laws of a country. Sovereign clouds deliver continuous protection and secure accessibility controls,” highlights Singh.
“These are designed to protect and control confidential or restricted data with data residency and data sovereignty. It also ensures compliance with changing data privacy laws using a trusted cloud that supports a country’s digital economy,” he adds.
Singh is also careful to point out that data sovereignty should not be conflated with data residency, where the former deals with a nation’s exclusive legal protections and the latter focuses on geographical location.
“A sovereign cloud safeguards data with audited security controls at its core. But more than only keeping data ‘in country,’ it is also necessary to securely share data outside a jurisdiction when warranted,” he points out.
“An example of this could be for cross-border policing activities and collaboration. So, contrary to what many decision-makers have thought, sovereignty also encompasses the secure sharing and monetisation of data across borders,” he continues.
Shifting to the rollout of new legislation and regulation, Singh cites the recent FPB Amendment Act as an example of adding complexity in an industry that it already highly regulated, potentially resulting in an environment that is untenable to operate in.
“Cynics fear that the draft Cloud and Data Policy in SA could go the same route and make it difficult to operate effectively in a cloud-driven market. However, there can be no arguing that cybercrime has grown exponentially since the pandemic’s start more than two years ago,” he says.
“Is it, therefore, unreasonable to expect regulations that are designed to manage this risk better and protect personal data through cloud sovereignty?,” Singh posits.
With the likelihood of regulators stripping back complexity in a myriad industries being slim to none at this stage, especially the technology and cloud sectors, the deployment of a sovereign cloud may address several headaches that could develop down the line in Singh’s opinion.
“As data privacy and security threats become more prominent and severe, it is essential to have a data mobility strategy in place. Sovereign cloud providers comply with local and international regulations to ensure data is kept safe and secure,” he explains.
“Companies must therefore engage with a trusted sovereign cloud provider with expertise in privacy, data security, and data mobility to help them establish a robust data protection plan,” concludes Singh.
[Image – Photo by sendi gibran on Unsplash]
