Comment: AWS/Microsoft Azure cloud services personal data investigation
June 2021 by Rob Price, Senior Specialist Solutions Consultant and Global Lead for Risk & Compliance at Snow Software
Following the news that the European Data Protection Supervisor is investigating whether EU institutions using AWS and Microsoft Azure cloud services are protecting citizens’ personal data, please find below a comment from Rob Price, Senior Specialist Solutions Consultant and Global Lead for Risk & Compliance at Snow Software.
Rob shares his insights on the issues businesses need to be aware of when scaling up through cloud services and the actions they must take to ensure they remain compliant:
“The latest news about the European Data Protection Supervisor’s (EDPS) investigation into major cloud providers like AWS and Microsoft Azure does create uncertainty for many EU cloud users. Even though many cloud providers have regional service zones that specify where data resides, the demands of this past year are already testing providers like AWS and Azure. It’s important to understand that while these zones exist specifically to help address data residency and latency issues, cloud customers are still responsible for where they deploy their systems and, ultimately, store the data. In this case, customers could be doing all the right things related to their local and regional regulations but a court decision on this matter could compel them to move their workloads. It’s important that users of cloud services not only ensure they have visibility of their cloud instances and workloads but that they consider containers for the portability it can offer, should any legislative decision require that data be moved.”