From a technology standpoint, one of the biggest questions that you will face as a business, post Brexit, will be your data sovereignty. In essence, your data sovereignty relates to where your data is geographically located and the corresponding rules that then govern both the storage and security of your data in that location.
Currently the European Union (EU) has regulations in place to define how your stored data should be handled in order to ensure that it is safeguarded in all member states. In addition to that, the UK has the Data Protection Act to provide UK specific regulations that organisations within the UK have to abide by.
Building on that legislation, the EU is currently working on the General Data Protection Regulation, a policy that is being designed to strengthen and unify data protection for individuals within the European Union, as well as address the export of personal data outside of the EU. That directive is due to come into operation on the 25th of May 2018 and will be directly applicable in all Member States without the need for implementing legislation on a national level. We will most likely still be in the EU when that legislation is adopted, but that is down to our politicians to decide.
In the run up to the exit, a lot of detail will need to be worked out and agreed upon by the various parties, but by looking at your data sovereignty now and by doing the appropriate planning, you will be well placed as an organisation when we do exit, irrespective of any new rules or regulations that will need to be developed. It is important that you have a plan as to continue sharing data freely across the EU, the UK will have to prove that any new data protection laws are, as a minimum, compliant with EU requirements. That shouldn’t be a stumbling block in practical terms, but it is certainly something to consider as you plan your data storage setup.
Carrying out a data audit is a good first step in your data planning process. In a survey taken by IT Managers at a recent RSA conference, it was found that 57 percent of IT security pros didn’t have a complete picture of where their organisation’s sensitive data was located. Even without the Brexit move, it makes sense from an operational, privacy and security perspective to discover where you data resides and where it flows, especially when you are using a Software-as-a-Service or public/hybrid cloud environment.
If you trade in a highly regulated industry such as finance, you will find that in order to remain compliant, you need to ensure that your sensitive data remains within UK borders and jurisdiction at all times.
One way of ensuring that you are compliant is to engage with a service provider with data centres and a secure network located solely within the United Kingdom. Wanstor is an ISO27001 accredited managed service provider with such a setup and are in a position where we can guarantee your data sovereignty at all times, ensuring that you data remains within the UK, fully protected and completely isolated from other organisation’s data at all times.
The best first step though is to start with your data storage planning process. To this end, we have a team of experienced and fully accredited engineers available to help you with your data audit and data planning efforts as you look to get an independent view of your current data setup with a view to making a compelling case to your senior management team.
Please do not hesitate to contact us on 0333 123 0360 or contact us online to get the ball rolling.