Posted on 27.2.2023

How global events revealed business risks in cloud services

Antti Vilpponen UpCloud CEO

Today’s organisations are so used to the efficiency and flexibility of cloud services that only a few would be eager to return their data to self-maintained servers. However, the changed global situation has brought new political and geographical risks to the management teams’ agendas. These risks directly impact the globally distributed data centre networks powering cloud services.

How should leadership react if a data centre containing important data is located in a geography where law and order suddenly changes? The pandemic and Russia’s aggressive war have slowed globalisation, presumably leading to a strong downward trend in the country’s risk appetite for globally operating companies.

An essential framework for risk assessment and decision-making is the EU general data protection regulation GDPR, which came into effect in 2018. Personal data that every organisation possesses is, after all, primarily stored in cloud services.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances.

After some initial grumbling, the changes required by the GDPR have been duly fulfilled. Typically, the distribution of data centres across the globe is not considered a problem. Even non-EEA (European Economic Area) companies must comply with GDPR when offering services in the EU and processing the personal data of EU residents.

A potential problem and an increased risk related to the rights that local laws permit for the authorities and whether the local data protection legislation corresponds to the EU standard. In times of turmoil, this legislation, its application, or the physical security environment can suddenly change, and business risks may need to be higher in priority.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances. For example, some local legislations allow security and intelligence authorities to access the data stored in data centres, regardless of the laws that the service provider follows.

Wisdom of minimising risks

European companies must unequivocally ensure that the GDPR requirements are fulfilled even when the data is processed outside the EEA. Should any risks materialise, the entire business is at stake, not only the data.

In unstable times, wise management minimises risks – even those that seemed very distant just a few years ago. As self-maintained servers are rarely a realistic option, cloud partner selection becomes an even more critical decision. The location of the partner and data centres, as well as the legislation they follow, should be of great interest to decision-makers.

Antti Vilpponen
CEO, UpCloud

Antti Vilpponen

Comprehensive guide to secure and highly available cloud server backups

In today’s digital landscape, cloud server backups are critical for data protection and part of an essential disaster recovery plan. Threats to data security and business systems can be digital and physical, ranging from cyber-attacks and hardware failures to the impacts of climate change or global unrest.  Data, an essential business asset, can be lost […]

Comparisons

Long reads

What is Private Cloud? Definition, architecture, and examples

Private cloud infrastructure emerged as a solution to some of the drawbacks of public cloud services. Although the private cloud has similarities to public cloud architecture, it distinctly provides a proprietary framework dedicated to a single organisation. Cloud services are agile and scalable, and many companies have already made the choice to move away from […]

Industry analyses

Long reads

The evolution of cloud servers in modern computing

Cloud computing has drastically changed how information technology (IT) professionals utilise technology. This infrastructure has enabled businesses to use online tools, platforms, and storage spaces, thereby reducing the costs and operational requirements of having a physical setup. Leveraging the cloud reduces costs in data storage, application execution, operations scaling, and more. Due to this and […]

Industry analyses

Long reads

Back to top