Posted on 27.2.2023

How global events revealed business risks in cloud services

Antti Vilpponen UpCloud CEO

Today’s organisations are so used to the efficiency and flexibility of cloud services that only a few would be eager to return their data to self-maintained servers. However, the changed global situation has brought new political and geographical risks to the management teams’ agendas. These risks directly impact the globally distributed data centre networks powering cloud services.

How should leadership react if a data centre containing important data is located in a geography where law and order suddenly changes? The pandemic and Russia’s aggressive war have slowed globalisation, presumably leading to a strong downward trend in the country’s risk appetite for globally operating companies.

An essential framework for risk assessment and decision-making is the EU general data protection regulation GDPR, which came into effect in 2018. Personal data that every organisation possesses is, after all, primarily stored in cloud services.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances.

After some initial grumbling, the changes required by the GDPR have been duly fulfilled. Typically, the distribution of data centres across the globe is not considered a problem. Even non-EEA (European Economic Area) companies must comply with GDPR when offering services in the EU and processing the personal data of EU residents.

A potential problem and an increased risk related to the rights that local laws permit for the authorities and whether the local data protection legislation corresponds to the EU standard. In times of turmoil, this legislation, its application, or the physical security environment can suddenly change, and business risks may need to be higher in priority.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances. For example, some local legislations allow security and intelligence authorities to access the data stored in data centres, regardless of the laws that the service provider follows.

Wisdom of minimising risks

European companies must unequivocally ensure that the GDPR requirements are fulfilled even when the data is processed outside the EEA. Should any risks materialise, the entire business is at stake, not only the data.

In unstable times, wise management minimises risks – even those that seemed very distant just a few years ago. As self-maintained servers are rarely a realistic option, cloud partner selection becomes an even more critical decision. The location of the partner and data centres, as well as the legislation they follow, should be of great interest to decision-makers.

Antti Vilpponen
CEO, UpCloud

Antti Vilpponen

Evaluating cloud server performance with sysbench

To help save valuable time and make an educated choice, you should begin by checking out benchmarks.

Long reads

How UpCloud can help you optimise operations and minimise risks

‘Uncertainty’ has been the business buzzword of the 2020s so far, and the turbulence isn’t over yet. It’s a sign of the economic times that businesses all over the world are weighing up their appetite for growth, but as our CEO Antti Vilpponen put it in a previous blog post, ‘wise management minimises risk’. It’s […]

Industry analyses

Vision and culture

Community events in retrospect: WordCamp Nagpur, JrDev Singapore Meetup & more!

We are always excited to take part in community events around the world and here's a quick recap of some of the best events.

Community and events

Back to top