Ensuring Personal Information Protection (PIP) and privacy is a world and industry-wide concern among enterprises and service providers alike.
Nearly every country and vertical industry has its own version of PIP and privacy laws.
For example, the European Union’s (EU) General Data Protection Regulation (GDPR), which goes into effect in May 2018, will require all companies processing the PIP data of EU residents, more control over their personal information regardless of the company’s location, and introduces substantial penalties for violations.
There is also the longstanding U.S. Health Insurance Portability and Accountability Act (HIPPA) of 1996 that now must expand its protections to personal healthcare information being stored in the cloud.
And, in Canada, there is the Privacy Act that regulates how federal government institutions must deal with individuals’ personal information and the Personal Information Protection and Electronic Documents Act (PIPEDA) that governs how private companies collect, use and disclose personal information in the course of commercial business.
Protecting personal information across physical and virtual borders is at the core of existing and emerging PIP requirements.
Compliance software applications and protection controls have traditionally resided in a company’s central data center. However, regional regulations at global companies often change to reflect local needs, such as how user information must be collected, stored and utilized in real time.
Latency between centralized data centers, where compliance policies and controls reside, and local storage of sensitive data, can negatively impact user quality of experience (QoE).
Private storage and hybrid cloud platforms enable direct and secure interconnection to public clouds while ensuring the local security and auditability of PIP data.
This allows for adherence to in-country privacy legislation, as well as consistent and reliable throughput performance and user QoE at scale.
To ensure secure and efficient processing of regulatory compliance for data gathering, cleansing, retention, and access, you must put regulatory enforcement at the digital edge, where data collection and storage occurs.
Placing your sensitive data at the digital edge allows you to ensure that regionally-relevant policies can be more easily and effectively be deployed.
Private storage and hybrid cloud infrastructures can be realized on Platform Equinix for secure storage solutions, such as the NetApp Private Storage for Cloud, via the combination of the Equinix Cloud Exchange (ECX) Fabric, Performance Hub and Data Hub architectural frameworks.
This allows you to put your private storage infrastructure close to the cloud for the lowest latency and greatest performance, while maintaining security controls and regional compliance.
This enables you to ensure PIP and data residency by keeping data on your local storage array, located in any of the more than 190 global Equinix data centers, to comply with local in-country legislation (see diagram below).
Equinix and NetApp Private Storage, Hybrid Cloud Deployment
The ECX Fabric is designed for private network, cloud and business ecosystem interconnectivity that can be provisioned in real time using virtualized connections via a self-service portal or API. It is currently available across more than 25 Equinix International Exchange (IBX) data center locations around the world.
Future ECX Fabric locations across Equinix’s 190 global IBX data centers are planned over time for participating companies.
Equinix Performance Hub allows you to efficiently deploy your IT resources at the digital edge, closest to your end-users, enabling a whole new level of global network performance and cost efficiencies.
Combined with the ECX Fabric and Performance Hub, the Data Hub addresses the robust management of your data tiers within a hybrid cloud infrastructure.
The benefits of this type of private storage, hybrid cloud infrastructure include:
Article by Sanjeevan Srikrishnan, Equinix Blog Network