November 10, 2021

Practical Aspects of Data Governance: Webinar Takeaways

Practical Aspects of Data Governance: Webinar Takeaways

On October 21st, InCountry, the world’s first data residency-as-a-service platform, and 451 Research, part of S&P Global Market Intelligence and one of the leading research firms for the IT industry, hosted a webinar together called Practical Aspects of Data Governance: data residency strategy as a driver of business value. In it, InCountry founder and CEO Peter Yared and 451 Research’s Senior research Analyst Paige Bartley discussed the wider topic of data residency at large in the business world today, using 451’s industry research and both companies’ industry experiences to summarize the challenges and potential solutions to this modern corporate challenge.

From unique professional perspectives, Peter and Paige were able to provide insight into both the business drivers for data residency, as well as some of the supporting technology options.  Here are the main takeaways from the event.

The new data governance paradigm is unlike anything seen previously

451 Research introduced the webinar by observing that the early era of cloud usage and data centers was mostly about controlling costs, as the new alternative partially picked up momentum due to the growing expenses of on-premise storage. This initial flow of data often found its way to the US and other places with affordable data centers, with countries not clued in about the risk these unregulated data flows carried. 

With the advent of the EU’s GDPR in 2016, that reality changed quickly, with nearly every major country today having either explicit or effective data regulations laws or guidelines on the books. Within half a decade, the world went from free data flows to restricted ones that often require data distribution and localization within the country of origin, placing new burdens on businesses. 

Customer expectations drives data residency, and businesses need to listen

In light of news stories about companies big and small experiencing data leaks that leave customer information vulnerable to hackers and cybercriminals, public discontent had grown considerably even before GDPR was passed. With many countries (with the exception of the U.S.) now having an official law, consumers have higher expectations of what and how companies should be handling data. 

451 Research revealed that 44% of US-based, population-representative consumers said they outright avoid organizations they don’t trust, and another 32% noted they opted out of certain tracking features when given the option. Source: 451 Research’s Voice of the Connected User Landscape: Connected Customer, Trust and Privacy 2021

Companies need to publicly recognize this reticence on the customer’s part to be open after businesses took advantage of personal information for so long. This will require a shift in thinking, from viewing compliance with data regulations as something reactive to instead a part of an overall proactive approach to utilizing SaaS and providing customers with the best and least intrusive user experience possible.

Data privacy cannot be at odds with leveraging data

According to 451 Research’s Voice of the Enterprise: Datacenters 2020 report, most companies still don’t rent space from a colocation provider, citing security as one of the top two reasons for choosing to keep workloads in-house. [Source: OVHcloud and the ‘Europeanisation’ of data, July 2021] .

The overall security of the cloud has long been a pain point for organizations, and now that data regulations raise the stakes, the matter of data residency is routinely among the first concerns mentioned about using cloud solutions. (Source: Voice of the Enterprise: Information Security: Budgets & Outlook 2021)

Per 451 Research surveys, data residency alone has influenced corporate decisions to migrate workloads/applications out of public hyperscale clouds and into other venues, with 16% citing the reason for their move in 2021, and another 19% citing data residency as the reason they will migrate cloud workloads in 2022. (Source” Voice of the Enterprise, Datacenters, 2021)

Despite the influence of these issues, not many companies have taken proactive approaches like procuring region-specific data centers to solve their data governance needs. There could be numerous reasons for this lack of action, but chief among them is likely the decisions of company leadership. Businesses have enjoyed leveraging data for years, and now see legislative pushback as an antithesis to that, but if they can identify this problem, they cannot be tentative in committing to a solution. This means accepting the new norm of data residency and using it to help drive data innovation. 

With data residency requirements, supporting technology can make a difference

Peter Yared, CEO and co-founder of InCountry, noted that technology stacks and workflow processes need immense reshaping to meet data residency requirements from both governments and companies themselves, a big reason why successful companies are hesitant to undertake this significant restructuring. Luckily, corporations have long used third-party security tools to fortify their cloud instance, and data residency is no different. 

Running separate SaaS instances in each country a business operates in is a terribly inefficient strategy, as it requires a company to build and adjust compliance stacks to suit multiple different data regulations. This is a complex, costly, and anti-digital approach. 

Third-party platforms like InCountry specialize in solving for data governance by allowing businesses to run a single global SaaS instance and separate out regulated data to each country of origin. InCountry does this by partnering with hyperscalers and local data service providers to ensure companies can distribute and localize regulated data such as Personal Identifiable Information in countries like Russia, China, and Turkey where cross-border data flows are restricted. That means businesses can run their operation with minimal changes and no extra infrastructure in over 90 countries worldwide, more than triple the combined compliance presence of hyperscalers alone. 

While the problem of data residency is very real and quite fresh in businesses’ minds, InCountry suggests that the corporate world does not need to reinvent itself entirely, as it can align better data handling and approaches to data collection not by completely restructuring, but rather by using the available proven solution to the issue.