A close up of a hard disk drive.

Data sovereignty, the cloud and custom software

5 Aug 2019

Barry Fisher - Technical Director

Written by
Barry Fisher
Technical Director

Who really owns your data? The last decade has seen an explosion in cloud computing and web-based service delivery which have significant implications for the security of vast quantities of data being stored about people.

The introduction of the GDPR in 2018 got people talking about data security in a new way and it, together with similar legislation in other countries, has posed challenges for businesses all over the world.

The issue of data sovereignty has been a subject for much discussion and debate across the IT industry. Whilst it is far from perfect, many see the GDPR as the blueprint for applying different concepts around data sovereignty and data privacy mandates, with a common belief that many of the current laws are, at best, inadequate.

Whilst the wider industry work at developing a universal, common ground for data protection and management, let's look at what data sovereignty might mean to your business.

Just a head's up – this article will probably give you more questions than answers!

Who owns your data?

In the modern business world, data is king. Data tells you who your customers are, what they want, and when they want it. It is, for most businesses, their lifeblood.

When you commit to a new cloud-based system or software solution, do you really understand how that might affect your business in the long term? Or are you making a decision based on current market trends and the perceived opportunity for a convenient resolution to a particular challenge?

IT as a service, through cloud-based providers, may seem an attractive option. You no longer have to worry about your in-house servers, security becomes 'someone else's problem' and can focus on your day to day business activities.

Are you just replacing the current business risk with a less tangible one?

Even assuming that you have thoroughly checked the security arrangements of your cloud-based provider, how deep did you go?

For example, do you know enough about any third party connections that link into the service you are buying? If you didn't delve into the intricacies of their supply-chain, you could be exposed to unidentified risks.

It is also important to consider the long term integrity of your data when entrusted to a remote service provider.

  • Are you entering into potential problems over the ultimate ownership of the information being managed on your behalf?
  • What happens if you need to recover your data?
  • How do you manage and monitor your service provider to ensure they have relinquished any and all of your information when requested?

You could think about it in terms of people who don't trust the banks to look after their money. If you have complete control and ownership of your data within your business, you don't have to worry about your supplier letting you down.

Sorry – the system is down

What are the arrangements if your provider's IT is “down”?

How thoroughly have you explored their backup arrangements?

For example, a quick internet search for Amazon Web Service (AWS) outages soon reveals the extent to which businesses can be adversely affected in the event of a datacentre power failure or human error. Even an initial problem that may have been short-lived at source, can have a significant ripple effect across the wider network of users.

If your business is affected, you need to understand the implications that has for your business. Your clients may lose visibility of you, perhaps access to your sales pipeline will be interrupted, and then, of course, there is the reputational damage that you will suffer.

Of course, not all downtime is unplanned. It is inevitable that system upgrades and maintenance will need to be carried out from time to time. It's important that you understand how that will impact on your business and what the contingency arrangements are. Don't wait until it happens to discover there is no backup plan!

What happens if a system goes rogue?

Within every organisation, there will be a decision-maker whose job it is to procure suitable IT services. If you're that person and systems fail, the resulting business impact could pose significant harm to your professional reputation.

Of course, if you are part of a larger organisation, there's a good chance that you'll have the support of a wider team who will have provided specialist advice and guidance. But the fact still remains that, as the decision-maker, you are very likely to be held accountable.

The solution

In reality, there are many solutions to most IT and web-related challenges. The key is to work with experts you can trust who can help you understand the best way forward for your business. At Pivale , we are experts at doing just this. Providing a service that is an extension of your in-house team, we can develop solutions that allow you to retain absolute control of your data, it's integrity and security.

We design custom-built web-based systems to meet your specific compliance criteria and our platform is one that supports the future growth and innovation of your business. The team help you to understand where and what the risks are and how to mitigate them.

If you're thinking of investing in a cloud-based business solution, why not speak to one of the experts at Pivale and explore the bespoke options available.

Barry Fisher - Director

Get in touch about your project

Give us a call or send us an email to talk through your project

telephone+44 (0) 203 743 0887

email[email protected]

Related articles

The ruins of a building in the middle of a field.

6 reasons not to use a standalone microsite for your Christmas marketing campaign

Calendar 27 Oct 2022 #Insights #Advice #Security & compliance #SEO We've compiled a list of the six reasons businesses shouldn't entertain the thought of a microsite - and they're pretty compelling.

Read the article
Bundles of Euro bank notes overlaid by handcuffs and a sinister sillouetted character on the left.

Google Analytics: Is it legal?

Calendar 24 Nov 2022 #Insights #Advice #Security & compliance Promise: not clickbait! It's hard to believe that this popular product could be considered illegal.

Read the article
A humongous explosion and ball of fire.

5 steps for security and disaster planning

Calendar 22 Jan 2018 #Security & compliance Do you need to protect your brand, prevent data leaks and avoid PR disasters?

Read the article

More recent articles

Protective mother deer with her fawn looking into the distance.

Green lights and red flags for inter-agency collaborative working

Calendar 2 Jan 2024 #Insights #Advice #User experience #Drupal #WordPress Most responsible agencies have working relationships with fellow branding, marketing or creative agencies who have a particular skill set that can knock the socks off their clients when they partner up.

Read the article
Businessman with a unicorn head.

Why you need to STOP hunting for the unicorn

Calendar 10 Oct 2023 #Insights #Advice Let’s face it - recruitment is hard. And it’s not getting any easier. Inundated with CVs, but nothing that quite fits the bill. Know the feeling? You’re not alone.

Read the article
A mess of plugs and cables looking very dangerous.

Where businesses are going wrong with managing multiple websites

Calendar 11 Sep 2023 #Insights #Advice #Security & compliance #User experience #SEO #Drupal #WordPress Why you might have ended up in a multisite muddle.

Read the article

Subscribe for email updates

1 Your details

2 Your interests

Please select which Pivale services are of interest to you:

3 Legal info

By subscribing, you acknowledge that your information will be transferred to our marketing platform for processing.

You can unsubscribe at any time by clicking the link in the footer of our emails. You can find out more in our privacy policy.