Story image

New year, new privacy regulations - are you ready?

16 Jan 18

Ensuring Personal Information Protection (PIP) and privacy is a world and industry-wide concern among enterprises and service providers alike.

Nearly every country and vertical industry has its own version of PIP and privacy laws.

For example, the European Union’s (EU) General Data Protection Regulation (GDPR), which goes into effect in May 2018, will require all companies processing the PIP data of EU residents, more control over their personal information regardless of the company’s location, and introduces substantial penalties for violations.

There is also the longstanding U.S. Health Insurance Portability and Accountability Act (HIPPA) of 1996 that now must expand its protections to personal healthcare information being stored in the cloud.

And, in Canada, there is the Privacy Act that regulates how federal government institutions must deal with individuals’ personal information and the Personal Information Protection and Electronic Documents Act (PIPEDA) that governs how private companies collect, use and disclose personal information in the course of commercial business.

Protecting personal information across physical and virtual borders is at the core of existing and emerging PIP requirements.

Compliance software applications and protection controls have traditionally resided in a company’s central data center. However, regional regulations at global companies often change to reflect local needs, such as how user information must be collected, stored and utilized in real time.

Latency between centralized data centers, where compliance policies and controls reside, and local storage of sensitive data, can negatively impact user quality of experience (QoE).

Private storage and hybrid cloud platforms enable direct and secure interconnection to public clouds while ensuring the local security and auditability of PIP data.

This allows for adherence to in-country privacy legislation, as well as consistent and reliable throughput performance and user QoE at scale.

Deploying a private storage, hybrid cloud infrastructure at the digital edge

To ensure secure and efficient processing of regulatory compliance for data gathering, cleansing, retention, and access, you must put regulatory enforcement at the digital edge, where data collection and storage occurs.

Placing your sensitive data at the digital edge allows you to ensure that regionally-relevant policies can be more easily and effectively be deployed.

Private storage and hybrid cloud infrastructures can be realized on Platform Equinix for secure storage solutions, such as the NetApp Private Storage for Cloud, via the combination of the Equinix Cloud Exchange (ECX) Fabric, Performance Hub and  Data Hub architectural frameworks.

This allows you to put your private storage infrastructure close to the cloud for the lowest latency and greatest performance, while maintaining security controls and regional compliance.

This enables you to ensure PIP and data residency by keeping data on your local storage array, located in any of the more than 190 global Equinix data centers, to comply with local in-country legislation (see diagram below).

Equinix and NetApp Private Storage, Hybrid Cloud Deployment

The ECX Fabric is designed for private network, cloud and business ecosystem interconnectivity that can be provisioned in real time using virtualized connections via a self-service portal or API. It is currently available across more than 25 Equinix International Exchange (IBX) data center locations around the world.

Future ECX Fabric locations across Equinix’s 190 global IBX data centers are planned over time for participating companies.

Equinix Performance Hub allows you to efficiently deploy your IT resources at the digital edge, closest to your end-users, enabling a whole new level of global network performance and cost efficiencies.

Combined with the ECX Fabric and Performance Hub, the Data Hub addresses the robust management of your data tiers within a hybrid cloud infrastructure.

The benefits of this type of private storage, hybrid cloud infrastructure include:

  • Local, low-latency connectivity across organizations that allows you to provide access to data and workloads on private or public clouds, and ensures that the data in motion and at rest never leaves the local jurisdiction. Also, privacy can be better protected by maintaining secure edge-to-edge connections over the ECX Fabric.
  • The global IBX footprint allows you to deploy your infrastructure within the sovereign borders of the government requiring data residency. This ensures compliance while delivering consistent performance in real time, no matter where the data is located.
  • Data loss and theft is minimized, while data accessibility is not, and data value is enhanced due to better policy-based security.
  • Compliance services (such as end-point auditability and data anonymizing) are easier to maintain and enforce because of improved response time and greater scalability.
  • Costs (e.g., cloud data egress) and reputational risk are better controlled using local services at the edge, making it easier to adapt to regulatory changes.

Article by Sanjeevan Srikrishnan, Equinix Blog Network 

Data centre cybersecurity actions that most people overlook
Schneider’s Steven Carlini discusses ways to improve data centre cybersecurity that most people don’t think of until it’s too late.
Alibaba Cloud showcases commitment to Hong Kong
The company’s service capability in Hong Kong has doubled since it established its first data centre in the city in 2014.
5 tips to reduce data centre transceiver costs
Keysight Technologies' Nicole Faubert shares her advice on how organisations can significantly reduce test time and cost of next-generation transceivers.
The new world of edge data centre management
Schneider Electric’s Kim Povlsen debates whether the data centre as we know it today will soon cease to exist.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
SUSE partners with Intel and SAP to accelerate IT transformation
SUSE announced support for Intel Optane DC persistent memory with SAP HANA.
Inspur uses L11 rack level integration to deploy 10,000 nodes in 8 hours
Inspur recently delivered a shipment of rack scale servers of more than 10,000 nodes to the Baidu Beijing Shunyi data center within 8 hours.
How HCI helps enterprises stay on top of data regulations
Increasing data protection requirements will supposedly drive the demand for Hyper-Converged Infrastructure solutions across the globe.