How global events revealed business risks in cloud services

Posted on 27 February 2023

Today’s organisations are so used to the efficiency and flexibility of cloud services that only a few would be eager to return their data to self-maintained servers. However, the changed global situation has brought new political and geographical risks to the management teams’ agendas. These risks directly impact the globally distributed data centre networks powering cloud services.

How should leadership react if a data centre containing important data is located in a geography where law and order suddenly changes? The pandemic and Russia’s aggressive war have slowed globalisation, presumably leading to a strong downward trend in the country’s risk appetite for globally operating companies.

An essential framework for risk assessment and decision-making is the EU general data protection regulation GDPR, which came into effect in 2018. Personal data that every organisation possesses is, after all, primarily stored in cloud services.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances.

After some initial grumbling, the changes required by the GDPR have been duly fulfilled. Typically, the distribution of data centres across the globe is not considered a problem. Even non-EEA (European Economic Area) companies must comply with GDPR when offering services in the EU and processing the personal data of EU residents.

A potential problem and an increased risk related to the rights that local laws permit for the authorities and whether the local data protection legislation corresponds to the EU standard. In times of turmoil, this legislation, its application, or the physical security environment can suddenly change, and business risks may need to be higher in priority.

In some countries, the rights of public authorities contradict the GDPR requirements even under normal circumstances. For example, some local legislations allow security and intelligence authorities to access the data stored in data centres, regardless of the laws that the service provider follows.

Wisdom of minimising risks

European companies must unequivocally ensure that the GDPR requirements are fulfilled even when the data is processed outside the EEA. Should any risks materialise, the entire business is at stake, not only the data.

In unstable times, wise management minimises risks – even those that seemed very distant just a few years ago. As self-maintained servers are rarely a realistic option, cloud partner selection becomes an even more critical decision. The location of the partner and data centres, as well as the legislation they follow, should be of great interest to decision-makers.

Antti Vilpponen
CEO, UpCloud

Summer promotion!

Start your free 30-day trial today and discover why thousands of businesses trust UpCloud

  • $500 free credits
  • Risk-free trial
  • Optimized performance
  • Scalable infrastructure
  • Top-tier security
  • Global availability

Sign up

See also

Introducing the official UpCloud Go API client.

Introducing the official UpCloud Go API client

We have always been dedicated to offering an extensive and powerful API to allow applications to integrate with the UpCloud services. The API can be […]

Janne Ruostemaa

Editor-in-Chief

Arttu Uskali, Head of Support, highlighting how UpCloud puts an incredible focus on delivering great customer support.

How we put customer support at the centre of our business

UpCloud’s world-class technical support is available 24/7/365. Our single mission at UpCloud is to help our customers, which is why we provide 24/7/365 personal customer […]

Niloufar Viljanen

UpCloud secures €18 million funding to fuel growth.

UpCloud secures €18 million funding to fuel growth

We are incredibly excited to announce that UpCloud has secured €18 million in equity and debt funding to expedite our international growth. Over the next […]

Janne Ruostemaa

Editor-in-Chief

Back to top