There is new thinking about a governance, risk, and compliance (GRC) model for data protection in the cloud: the data custodian. While many enterprises want to move to the public cloud to benefit from its greater flexibility, agility, and scalability, they are nevertheless worried about complicated data protection, privacy, and sovereignty-related legal requirements such as the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (FDPA). The European Union, Canada, Russia, Saudi Arabia, and many other countries are introducing new and stringent data protection laws.
Data privacy laws often restrict the geographies in which enterprises may store, process, and access sensitive data. Enterprises that do not comply with these laws risk significant fines and dissatisfied customers. But opting for a physically isolated or private cloud solution to meet these complex data protection and sovereignty requirements comes at a high cost. It also severely limits the cloud provider's ability to fulfill its availability and disaster recovery commitments, because those commitments depend on replicating data and failing over across sites, which physical isolation rules out.
The data custodian model combines two things: a data custodian role (an independent party that oversees the customer's data) and a software solution that enforces and reports on the customer's data protection policies. Together they can give enterprises the flexibility and scalability of the public cloud along with the transparency and control of a private cloud. Software is the key element: it provides the transparency features and enforces data access control.
The data custodian model
With the data custodian model, companies can take control of their data in the public cloud through two mechanisms: control over the cloud provider's own access to customer data, and software-defined geolocation controls over customer data and resources. Enterprises that require an independent entity to oversee and handle their data on a public cloud can contract with a third party that acts on their behalf as a trusted data custodian.
With the data custodian model, enterprises can flexibly configure policies for their data in the public cloud to address their own needs and the regional data protection regulations that apply to them (such as GDPR and FDPA). These include geolocation control policies for data access, storage, movement, and processing. The data custodian software continuously monitors activity against the customer-defined policies, produces risk and compliance reports, and helps the customer manage policy violations. The reporting gives transparency into, for example, the geolocation of the customer resources and data accessed, the geolocation of the accessor, the reason for the access, the read/write actions performed on the data during that access, and the time of access. The reporting also captures accesses made by the cloud provider itself.
Significant customer benefits
There are several key benefits of the data custodian model. Enterprise customers do not need to build in-house expertise; they can instead draw on the GRC expertise of the data custodian. This helps customers ensure that their data is accessed and stored in compliance with their data protection policies, that there is no unauthorized data access, and that the data does not cross the prescribed geographical boundaries.
With near real-time notifications of policy violations, companies can respond quickly and take immediate corrective action to protect their customers' data. With a flexible policy engine, companies can specify software-defined geolocation control policies for their data and resources in the public cloud. In other words, they can take advantage of the benefits of a globally connected public cloud while still addressing their own country's or their customers' data sovereignty requirements. A software-defined geolocation control approach also lets companies adjust their data protection policies quickly in response to changes in regulation, a significant advantage over approaches based on physical separation and isolation.
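To make the policy engine, monitoring, and reporting described above concrete, here is a small added example (written for this page, not SAP's Data Custodian code; every class, field, region name, and policy value below is an assumption). It evaluates constructed access-log events against customer-defined geolocation policies, fires a notification callback the moment a violation is found, and builds a compliance report carrying the fields the reporting is said to include: resource geolocation, accessor geolocation, reason, operation, time of access, and whether the accessor was the cloud provider.

```python
"""Toy software-defined geolocation policy engine (added example, not the
SAP Data Custodian implementation). All names and values are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class GeoPolicy:
    """Customer-defined policy for one data classification."""
    classification: str
    storage_regions: frozenset        # regions where the data may reside
    processing_regions: frozenset     # regions an accessor may operate from
    provider_access_allowed: bool     # may cloud-provider staff access the data?
    allowed_ops: frozenset = frozenset({"read", "write", "move"})


@dataclass(frozen=True)
class AccessEvent:
    """One access record with the fields the page's reporting lists."""
    timestamp: datetime
    resource_region: str              # geolocation of the data accessed
    accessor_region: str              # geolocation of the accessor
    accessor_type: str                # "customer" or "cloud_provider"
    classification: str
    operation: str                    # "read" | "write" | "move"
    reason: str
    target_region: Optional[str] = None   # destination for "move"


def evaluate(event: AccessEvent, policies: Dict[str, GeoPolicy]) -> List[str]:
    """Return the names of every policy rule the event breaks ([] if compliant)."""
    policy = policies.get(event.classification)
    if policy is None:
        return ["no_policy"]              # unclassified data is itself a finding
    broken = []
    if event.resource_region not in policy.storage_regions:
        broken.append("storage_region")   # data is resident outside its boundary
    if event.accessor_region not in policy.processing_regions:
        broken.append("accessor_region")  # access from a forbidden geography
    if event.accessor_type == "cloud_provider" and not policy.provider_access_allowed:
        broken.append("provider_access")
    if event.operation not in policy.allowed_ops:
        broken.append("operation")
    elif event.operation == "move" and event.target_region not in policy.storage_regions:
        broken.append("move_target_region")  # movement would cross the boundary
    return broken


def monitor(events, policies, notify: Optional[Callable[[str], None]] = None) -> dict:
    """Evaluate events in time order, notify on each violation (the near
    real-time hook), and return a compliance report for the period."""
    report = {"events": 0, "violations": 0, "provider_accesses": 0,
              "by_rule": {}, "entries": []}
    for ev in sorted(events, key=lambda e: e.timestamp):
        report["events"] += 1
        if ev.accessor_type == "cloud_provider":
            report["provider_accesses"] += 1
        broken = evaluate(ev, policies)
        report["entries"].append({
            "time": ev.timestamp.isoformat(), "resource_region": ev.resource_region,
            "accessor_region": ev.accessor_region, "accessor_type": ev.accessor_type,
            "operation": ev.operation, "reason": ev.reason, "violations": broken})
        if broken:
            report["violations"] += 1
            for rule in broken:
                report["by_rule"][rule] = report["by_rule"].get(rule, 0) + 1
            if notify:
                notify(f"{ev.timestamp.isoformat()} {ev.classification} {ev.operation} "
                       f"by {ev.accessor_type}@{ev.accessor_region}: {', '.join(broken)}")
    return report


# Constructed sample policies: EU personal data must stay in EU regions and
# is off-limits to provider staff; internal data may live in the US too.
SAMPLE_POLICIES = {
    "eu_personal": GeoPolicy("eu_personal", frozenset({"eu-de", "eu-nl"}),
                             frozenset({"eu-de", "eu-nl"}), provider_access_allowed=False),
    "internal": GeoPolicy("internal", frozenset({"eu-de", "us-east"}),
                          frozenset({"eu-de", "us-east", "in-south"}), provider_access_allowed=True),
}

# Constructed sample access log (not real data).
_T = lambda h: datetime(2024, 3, 1, h, 0, tzinfo=timezone.utc)
SAMPLE_EVENTS = [
    AccessEvent(_T(8), "eu-de", "eu-nl", "customer", "eu_personal", "read", "billing run"),
    AccessEvent(_T(9), "eu-de", "us-east", "customer", "eu_personal", "read", "support ticket"),
    AccessEvent(_T(10), "eu-de", "eu-de", "cloud_provider", "eu_personal", "read", "maintenance"),
    AccessEvent(_T(11), "eu-de", "eu-de", "customer", "eu_personal", "move", "migration", "us-east"),
    AccessEvent(_T(12), "us-east", "in-south", "customer", "internal", "write", "nightly build"),
    AccessEvent(_T(13), "us-east", "us-east", "customer", "unknown", "read", "ad hoc query"),
]

if __name__ == "__main__":
    summary = monitor(SAMPLE_EVENTS, SAMPLE_POLICIES, notify=print)
    print({k: v for k, v in summary.items() if k != "entries"})
```

Running the block prints one notification per violating event as it is encountered and then a summary; in this constructed log four of the six accesses break a rule (one from outside the allowed geography, one by provider staff, one attempted move across the boundary, and one against data with no policy), and one access by the cloud provider is recorded in the report regardless of whether it was permitted.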
For more information about the data custodian model, please contact SAP_DataCustodian@sap.com.