Frequently Asked Questions
InCountry provides data residency-as-a-service in more than 90 countries allowing customers to store sensitive and regulated data in full compliance with local data protection regulations. InCountry’s end-to-end data stack, from infrastructure to data compliance, is for global companies and enterprises looking to utilize cloud and SaaS solutions while still ensuring data compliance in countries they operate in.
InCountry provides a secure data store in dozens of countries, and you get access to all these data stores without a need to onboard each cloud provider in the required countries. The InCountry platform considers and meets a variety of data compliance requirements and protection regulations that you don’t need to handle yourself, and only utilizes trusted cloud providers and certified infrastructure to provide supreme data residency services. Additionally, InCountry offers an extensive stack of tools and extensions to localize and distribute regulated and sensitive data, so you don’t have to reinvent the wheel and can instantly get started with robust and reliable technical solutions to address any compliance issues your business encounters.
InCountry supports Salesforce, ServiceNow, Veeva, Cegid, Segment, Twilio, and other SaaS solutions. You can сontact our sales team at email@example.com to check the possibility of supporting your own SaaS application.
The InCountry platform is available in 90+ countries, which means that customers can utilize the same solution to localize and distribute different categories of data (PII, healthcare, or payment) across multiple countries with no limitations or trade-offs. Customers can take advantage of quick time-to-value through repeatable and seamless onboarding. For more information, please visit https://incountry.com/products/saas/ .
Currently, InCountry can store regulated data in 90+ countries. InCountry is rapidly expanding and is adding more countries to this list.
Isle of Man
United Arab Emirates
When data is stored within a country’s borders, it is unequivocally covered by that country’s laws and regulations. Citizens of many countries have been complaining about the way their data has been treated and governments are rapidly responding to these challenges with regulations that authorize how their citizens’ data is stored and processed.
Different countries have issued profound data regulations to regulate different categories of sensitive data. Most countries have regulations in place for profile/registration data, healthcare data, financial transaction data, and payment information. InCountry can store textual payloads including JSON data with encoded images.
InCountry provides a complete data management stack, including infrastructure, application integration, and local data compliance. The InCountry platform is isolated and secured following the best industry standards. Our offerings vary from multi-tenant infrastructure to completely isolated single-tenant hosts with a dedicated resource pool within a secure and compliant environment. Depending on the customer’s needs and availability, the InCountry platform can run on the cloud provider of choice, except in the case of the InCountry self-hosting offering, Corporate Node on-premise. For more information, please visit https://incountry.com/products/overview/ .
InCountry utilizes cloud providers, big and small, as a part of our data stack. We ensure every cloud provider meets all the industry high standards, including stringent security and compliance requirements. For more information, check out our compliance and security page. Our solutions ensure all the infrastructure equipment is provided by InCountry, regardless of the cloud/infrastructure provider. InCountry also ensures the provider is compliant with the required certifications and attestations.
Regulated data refers to sensitive data that must be handled in a certain way to comply with government laws or industry regulations (e.g. GDPR, Russian Federal Law on Personal Data 152-FZ, or Chinese Personal Information Protection Law (PIPL)). A country may have laws that require certain information collected about its citizens, such as personal information, to be stored locally within the domestic borders only.
A country may have a data localization law that, in theory, allows for the storage of regulated data in another country under certain conditions. However, the risk and cost involved is so burdensome that storing the data within the country’s borders is the only applicable solution.
InCountry provides enterprise-grade, industry-standard security. InCountry’s facilities are fortified against existing and probable threats and vulnerabilities. With industry-class protection including data encryption, firewall, network isolation, and proactive intrusion detection, the InCountry platform safeguards your sensitive data with no compromise. Additionally, high availability and disaster recovery capabilities are included as part of our managed services offering.
Information Security is not just a buzzword for InCountry – it‘s our daily work, our passion, and the principle that drives us. InCountry is currently SOC 2 Type II audited and is certified against internationally recognized standards such as ISO 27001 for Information Security. Globally, InCountry is compliant with local data regulations in operational countries. All these, along with using industry-accepted best practices, ensure that the most optimal security and risk management approach is applied. InCountry’s security and compliance program is frequently earning more certifications and attestations, and we conduct technical security audits regularly to validate that the defined security concepts have been implemented successfully, as well as to safeguard the usage of newly-developed tools. The external certifications and attestations are performed by Coalfire and NSF-ISR, two highly reputable audit firms.
InCountry uses the SHA-256 algorithm for hashing regulated data values and the AES-256 algorithm for encrypting data payloads. Some components of the InCountry platform support tokenization that completely swaps regulated data values with random and unique strings that cannot be reversed under any circumstances.
Yes, the InCountry platform integrates with third-party enterprise key management solutions (KMS) provided by third-party vendors, and supports bring-your-own-key (BYOK) scenarios.
Every integration with the InCountry platform is discussed individually when InCountry professionals collect requirements, identify customer’s architecture and infrastructure specifics, and analyze compliance requirements in the customer’s target countries. After this, the project plan is developed considering every aspect, from development to final deployment and maintenance. On average, a generic data localization and distribution project requires 1-2 months from the request to the implementation, although the timeline for any project will vary depending on its scope and complexity.
Yes, the InCountry platform provides solutions for seamless integration with CRM systems such as Salesforce and Veeva Systems. For other CRMs, please contact our support team (firstname.lastname@example.org) to get your free consultation about InCountry’s integration capabilities and available solutions. If you want to explore the integration capabilities of the InCountry platform yourself, feel free to check our development tools, such as REST API and SDK.