Frequently Asked Questions

What is InCountry?

InCountry provides data residency-as-a-service in more than 90 countries for sensitive and regulated data, ensuring customers comply with local data protection regulations. InCountry’s end-to-end data stack, from infrastructure to data compliance, is for global companies looking to utilize cloud and SaaS solutions while still ensuring data compliance in countries they operate in.

How is InCountry different from hosting?

InCountry's platform allows companies to comply with various data regulations and data residency requirements by enabling sensitive and regulated data to be localized. InCountry's first-of-its-kind data stack starts with providing certified cloud infrastructure, all the way to SaaS and data integration and compliance with local regulations. In this way, InCountry's cloud-agnostic platform ensures only the data that matters is localized, while the rest is still in customers' existing data centers. This model makes data localization an efficient and straightforward process that can be replicated easily to multiple countries.

What SaaS solutions does InCountry support?

InCountry supports Salesforce, ServiceNow, Mambu, Segment, Twilio, and other SaaS solutions. In addition, Contact Sales at sales@incountry.com to investigate the possibility to support your application.

How does InCountry help with a multi-country SaaS implementations?

InCountry's availability in 90+ countries means customers can utilize the same platform to localize different types of data with the same way it takes to localize in one country. This provides customers quick time-to-value through repeatable and fast on-boarding. For more information, please visit https://incountry.com/products/saas/.

Which countries are currently supported?

Currently, InCountry can store regulated data in 90+ countries. InCountry is rapidly expanding and is adding more countries to this list.
Americas
Argentina
Brasil
Bolivia
Canada
Chile
Costa Rica
Colombia
Ecuador
Mexico
Panama
Paraquay
Peru
Uruguay
United States
Asia Pacific
Australia
Armenia
Azerbaijan
Bangladesh
China
Hong Kong
India
Indonesia
Japan
South Korea
Malaysia
Mongolia
Nepal
New Zealand
Philippines
Singapore
Sri Lanka
Thailand
Taiwan
Vietnam
Europe
Andorra
Albania
Austria
Belgium
Bulgaria
Belarus
Czech Republic
Cyprus
Croatia
Denmark
Estonia
Finland
France
Germany
Georgia
Greece
Great Britain
Hungary
Iceland
Ireland
Italy
Isle of Man
Latvia
Lithuania
Luxembourg
Liechtenstein
Moldova
Malta
Mongolia
Netherlands
Norway
Poland
Portugal
Romania
Russia
Slovakia
Slovenia
Spain
Serbia
Sweden
Switzerland
Ukraine
Middle East & Africa
Egypt
Ghana
Israel
Kenia
Lebanon
Morocco
Nigeria
Rwanda
Turkey
Tunisia
Tanzania
Saudi Arabia
South Africa
United Arab Emirates

Why are countries implementing data residency laws and regulations?

When data is stored within a country’s borders, it is unequivocally covered by that country’s laws and regulations. Citizens of many countries have been complaining about the way their data has been treated and governments are rapidly responding with regulations that manage how their citizens’ data is stored and processed.

What types of data can be stored with InCountry?

Different categories of data are regulated in different countries. Most countries have regulations in place for profile/registration data, health data, financial transaction data, and payment information. InCountry can store textual payloads including JSON data with encoded images.

What is InCountry’s hosting model?

InCountry is responsible for providing the complete data stack, including infrastructure, application integration and local compliance. InCountry's platform is isolated and secured based on the customer's needs. Our offerings vary from multi-tenant infrastructure to completely isolated single-tenant hosts with a dedicated resource pool within a secure and compliant environment. Depending on the customer's needs and availability, the InCountry platform can run on the cloud provider of choice. Except in the case of InCountry self-hosting offering, Corporate Node On-prem, For more information, please visit https://incountry.com/products/overview/.

What is the role of cloud providers with InCountry's platform?

InCountry utilizes cloud providers, big and small, as part of our data stack. We ensure every cloud provider we use is of high standards, security, and compliance requirements. For more information, check out our compliance and security page. Our solutions include all the infrastructure equipment is provided by InCountry, regardless of the cloud/infrastructure provider. InCountry ensures the provider is compliant with the required certifications and attestations.

What is regulated data?

Regulated data refers to data that must be handled in a certain way in order to comply with government laws or industry regulations (e.g. GDPR, Russian Federal Law on Personal Data). A country may have laws, which require certain information collected about its citizens, such as personal information, must be stored locally.

What is de facto data localization?

A country may have a data localization law that, in theory, allows for the storage of regulated data in another country under certain conditions. However, the risk and cost involved is so burdensome that storing the data within the country’s borders is the only practical solution.

How secure is the InCountry platform?

InCountry provides enterprise-grade, industry-standard security. InCountry’s facilities offer enterprise-class security, with enterprise-class protection including data encryption, firewalling, network isolation, and intrusion detection. Additionally, high availability and disaster recovery capabilities are included as part of our managed services offering.

Which security regulations are applicable for InCountry?

Information Security is not just a buzzword for InCountry – it‘s our daily work, our passion, and the principle that drives us. InCountry is currently SOC 2 Type II audited and will be certified against internationally-recognized standards such as ISO 27001 for Information Security (Planned for Fall 2020). Globally, InCountry is compliant with local data regulations in operational countries. All these, along with using industry-accepted best practices, ensure that the best possible security and risk management approach is applied. InCountry's security and compliance program is always extending more certifications and attestations, and conducting technical security audits regularly to validate that the defined security concepts have been implemented successfully, and to safeguard the usage of newly- developed tools. The external certifications and attestations are performed by Coalfire and NSF-ISR, two highly recognized audit firms

What type of encryption is used by InCountry?

InCountry uses SHA-256 for hashes and AES-256 for data payloads.

Does InCountry work with third party key management system?

Yes, InCountry integrates with third party enterprise key management solutions (KMS) provided by third-party vendors and supports bring-your-own-key (BYOK) scenarios.

How can I get started?

You can get started today by contacting your InCountry Sales team at sales@incountry.com.