- Perspecsys outlines why tokenisation is the answer to growing data sovereignty trend
LONDON, Sept. 17, 2014 /PRNewswire/ -- Perspecsys, the leader in enterprise cloud data control protection gateway solutions, is taking note of the increasing number of announcements by United States based Cloud Service Providers (CSPs) regarding their intentions to build overseas data centres in Europe and Asia. On the surface, these data centres are presented as a way to address an increasingly complex mix of country and region specific privacy requirements that make it extremely difficult for organisations to transfer data across defined geographic borders. In practice, many organisations are discovering that having local data centres popping up from their favorite SaaS cloud service provider is not the panacea they thought it would be, however.
Many say that the new class of regulations faced by enterprises, known collectively as Data Residency or Data Sovereignty laws, is partially the result of the surveillance news permeating the headlines over the past year. Regardless of the cause, the implications for U.S.-based cloud providers could be dramatic. In fact, a study last year from the Informational Technology & Innovation Foundation (ITIF) estimated the magnitude of the revenue loss to U.S. providers to be as much as $35 billion over the next few years. Forrester Research has commented that they believe the impact could be three times as much. Some in the industry have pointed to newly promised local data centres from U.S. providers as a potential solution to the cloud adoption barrier that these new regulations pose, however enterprises are discovering otherwise: these data centres frequently cannot truly satisfy the required data residency mandates.
"While local data centres can provide improved cloud performance, companies researching existing contracts with cloud providers find that the guarantees to keep the data solely in those data centres are not adequately addressed in their service agreements," explained Gerry Grealish, CMO, Perspecsys. "Secondary or backup data centres, typically located in other countries, need to have contractual access to the data to ensure smooth operation of the cloud service. Additionally, employees of the cloud service provider located in other countries need to have access to the data centres for system maintenance and support."
While some SaaS providers claim the opening of European data centres is primarily for performance benefits for their customers, some enterprises are misinterpreting the reason to be associated with the challenge of jurisdictional control, forgetting that data will be backed up to other data centres that may be located outside their jurisdiction. Once an organisation realizes that data has the potential to move to other countries and foreign-based cloud service provider employees may have access to their data, an organisation can find itself back to the drawing-board looking for a solution. That is where a new class of solutions that Gartner has coined as "Cloud Data Protection Gateways," which use a technique named tokenisation, are playing an increasingly important role. Perspecsys' solution, the AppProtex™ Cloud Data Protection Gateway, intercepts regulated data while it is still within the host country. This data is replaced with a surrogate value, called a token, before it crosses the border. Rather than use a cipher and a key to transform data as is the case with encryption, the strongest forms of tokenisation, like the kind used by the Perspecsys gateway, create tokens that have no mathematical link back to the original value. The original values and the tokens remain locked in a database vault securely within the home country. When the tokens are retrieved from the cloud applications, the AppProtex Gateway seamlessly brings them back into clear-text form within the enterprise and they are presented to the end-user.
Grealish continued, "For many foreign-based enterprises, there is an even more fundamental issue that must be addressed when using a U.S.-based CSPs' global data centre. As seen in the July ruling against Microsoft in New York State, CSPs incorporated in the U.S. can be compelled by U.S. authorities to turn over data associated with non-U.S. citizens that are stored in foreign data centres. When using a Cloud Data Protection Gateway with tokenisation, enterprises, by definition, need to always be involved with the process of handing over any data to third parties."
Country-specific regulations governing privacy and data protection vary greatly. Our new, interactive Cloud Computing Regulations Infographic Map provides a high-level overview of the key data privacy and protection laws and regulations across the globe.
Cloud Data Protection Gateways, like AppProtex from Perspecsys, allow an enterprise to keep sensitive data behind its firewall, replacing it with tokens or encrypted values. Sensitive data never leaves the organisation's control in any format, so information a cybercriminal or an unauthorised party obtains is meaningless. These gateways ensure that users of cloud applications are not impacted – they can still perform functions like searching, sorting or reporting on encrypted or tokenised data within their cloud applications while the enterprise benefits from complete control of their information.
For more information about the AppProtex Cloud Data Protection Gateway: http://perspecsys.com/perspecsys-cloud-protection-gateway/appprotex-cloud-control-gateway/.
Perspecsys Inc. is a leading provider of cloud data protection solutions that enable mission critical cloud applications to be adopted throughout the enterprise. Perspecsys gives organisations the ability to protect sensitive information before it leaves the network and understand how employees are using cloud applications throughout the enterprise. By removing the technical, legal and financial risks of placing sensitive data in the cloud, Perspecsys makes the public cloud private. Based in Toronto, Perspecsys Inc. is a privately held company backed by investors, including Intel Capital, Paladin Capital and Ascent Venture Partners. For more information please visit www.Perspecsys.com and follow us on Twitter @Perspecsys.
Perspecsys Media Contact:
InkHouse PR for Perspecsys