A recent blog post from Macquarie Data Centres has highlighted the importance of data sovereignty and localisation in Australia.
David Hirst, Group Executive at Macquarie Telecom Group, says that as organisations and governments feel intense pressure to create and maintain trust around data, it is crucial the concepts of sovereignty and localisation are widely utilised when it comes to data centres.
“Data centres play an important role in the management of trust around data, as part of a much larger ‘ecosystem of trust’,” he says.
“Anchored on the management of physical and logical security of a data centre and its associated infrastructure, this trust is fundamentally built on a symbiotic relationship between client and data centre service provider.
“Trust needs to be built and earned on a foundation of services and expertise that the data centre operator takes accountability for, and which stacks up when independently verified.”
Hirst highlights that understanding the full security spectrum is also paramount, and often organisations can struggle to understand the full picture.
“Today’s data centres demand smart hands and smart feet,” he says.
“Data centre operators need to demonstrate their own accountable levels of data security, and the management of the data relating to operations. A data centre’s colo customers must be certain that firewalls are patched, that backups are ready and that points of entry into the centre are secure.”
As with all aspects of life, businesses today also need to consider risks beyond their direct control. This also means addressing the impacts and downstream consequences of attacks on data or online infrastructure driven either by geopolitical motives or activists.
“Data centre operators obviously have a huge part to play here in protecting data and infrastructure at the level of the primary threat,” says Hirst
“If government agencies are disrupted from ensuring that open and fair information is shared with its citizens, businesses can also suffer as a result of misinformation.”
He says the ability to keep those government operations, and the data within them, secure and online is therefore essential for this flow-on effect, as well as for the direct benefit of the governments using those centres.
“This is where data centre sovereignty comes into play, defined as maintaining authority and control of data within jurisdictional boundaries.
“In practice, this means that data “at rest” or “in transit ” should not leave Australian jurisdictions without the express permission of the owner or custodian of that data. What’s more, the infrastructure needed to support sovereign data must also be sovereign.”
Hirst ends by saying that he believes the ‘data centre trust ecosystem’ is very subtle and complex and that data centres represent the most tangible aspect of what is an extended chain of interconnected responsibilities.
“In any data centre operation, defining security and success is of course based on commercial contracts, KPIs and SLAs,” he says.
“But in my view, these are built on foundations of trust, in which the data centre operator, the colo clients, and their customers, are all represented. For customer organisations, there is only one question to consider, which is whether you can truly say that your data centre partner today is your trusted partner.”