Data sovereignty starts with knowing the end-to-end solution

Moussa Zaghdoud Picture
7월 20, 2022

As the need for data sovereignty accelerates, solutions must ensure data is managed and stored according to regulations.

protected data servers

Experts have suggested the pandemic accelerated enterprise digital transformations by as much as five years. One of the challenges presented by this fast-tracked race to the cloud has been staying on top of data sovereignty and data protection in terms of understanding and adhering to the specific rules about how to protect this new flood of data as it traverses the globe.

Making protection a priority

Protecting data and data sovereignty are top of mind for today’s CIOs, CISOs and CxOs in general, especially when that data is in the cloud. Customers want assurances about where their data is passing through, how it’s being managed and where it’s being stored. They need to know the end-to-end story, not just because they’re interested, but because they are ultimately accountable ― for all of it.

Enterprises need to think about compliancy with the rules and the regulations in the countries of their customers or users. Today for example, Europe’s General Data Protection Regulation (GDPR), and the U.S. Cloud Act, need to be taken into consideration.

And although we are starting to see political announcements, the fact is that right now there is a gap between what needs to happen and what’s actually happening, and that can create liabilities. The risk for companies dealing with data is that users or customers can just sue the company or start some buzz on social media about bad data usage.

It’s extremely important for companies to understand what’s happening end-to-end. And that includes not only the SaaS provider, but all the related intermediaries that lead to the SaaS. And on the infrastructure side, from the root of the digital transformation all the way to how the data is being processed, extracted, used, and yes, potentially, exposed.

On the technical side, one of the challenges is to ensure all solutions that we provide include best-in-class encryption on all the methodologies, to deliver the highest level of security. In terms of data sovereignty, we are dealing with data that is sometimes kept on premises, sometimes in the cloud, and sometimes it’s in transit as people communicate. Customer contexts must also be taken in account, whether they are working on premises or mobile, to ensure that all information is well-managed and stored in the right environment.

Industry considerations

The need for data sovereignty spans all industries. Communications solutions enable the transit of data across governments, education, healthcare, hospitality and transportation, exchanging important, often mission-critical, confidential data with each communication.

Public sector organisations must consider data related to citizen information, voting, as well as the needs of every level of government ― from municipal to national. In healthcare, it goes without saying just how important personal privacy is, so ensuring patient-related data is secure and managed appropriately, with the right governance, is of the utmost importance. Transportation encompasses mission-critical environments, security and sovereignty when it comes to passenger safety and keeping things moving. On the education-side, student information, institutional management, as well as course delivery, must be considered. For the hospitality industry, it comes down to the guest experience and ensuring their data is handled with care. B2B organisations need to think about their employees with regard to the HR software they are using, as well as their business software in terms of consumer data, especially software used for marketing, PR and advertising.

The value of regulations and certifications

It’s crucial to be aware of the potential for data exposure. Some industries such as the financial, government and healthcare sectors are regulated and have certification processes. In the U.S. there are a number of cybersecurity regulations that cover these industries. In Europe the General Data Protection Regulation (GDPR) governs data protection and data sovereignty across the EU.

However, even when certifications are mandatory, they do not necessarily guarantee data sovereignty. Interestingly, France is leading by example with SecNum cloud certification. We are hopeful that the European Union will soon adopt similar certifications.

Standardised certifications are where we can add real value for customers by ensuring they are getting reliable solutions. Solutions that adhere to regulations and are compliant with certifications go a long way to easing the minds of CxO’s and ensuring their data is protected. Proof of concepts (PoC) and detailed analysis of contracts and supplier contracts can help them understand the end-to-end picture of how data is transported and how it is managed.

The power of partnering

With all this in mind, we cannot over-state the power of partnerships to deliver comprehensive, accountable, end-to-end solutions. From Infrastructure as a Service (IaaS) to Software as a Service (SaaS), from solution vendor, to system integrator, to service provider, everyone has an integral role to play to ensure a transparent, easy-to-deploy, easy-to-use data protected and data sovereign solution. At the end of the day the customers’ data must be protected and they must be secure in knowing that they own it and we are not using that for any other purpose.

Our Rainbow™ by Alcatel-Lucent Enterprise cloud-based offering, together with our OVH and NXO partner offerings provide a comprehensive hybrid cloud communications solution which protects your existing telephony investments and ensures data sovereignty. And since all parties are headquartered in Europe, we are not subject to the U.S. Patriot or Cloud Acts.

A peek into the future

We are only seeing the tip of the iceberg in terms of where we are and where we need to be regarding data sovereignty and data protection. When you look at world events and the potential for cyberthreats, understanding where your data is and how it is being managed is crucial for survival.

At ALE, we have appointed a Data Protection Officer (DPO) who is working closely with customers to assist and advise them on how to protect their data. Our services are designed with data sovereignty in mind and in accordance with international regulations and compliancy requirements. We continue to develop new cybersecurity solutions to detect and resolve security incidents on the customer network and provide the peace of mind business leaders need in today’s unpredictable times.

Moussa Zaghdoud Picture

Moussa Zaghdoud

Executive Vice President, Cloud Communication Business Division

Moussa Zaghdoud is the inventor of Rainbow, the Alcatel-Lucent Enterprise Cloud platform providing Hybrid Collaboration services and CPaaS. As Executive Vice-President of the Cloud Communications Business Division (CCBD), he is responsible for the end-to-end cloud strategy, as well as the solution definition, offer management, and business model definition for the Alcatel-Lucent Enterprise cloud offers.

Prior to joining ALE, Moussa founded two startups that provided cloud call center services and artificial intelligence-based predictive routing services to enterprises. Moussa is the Chairman of Sipwise and Advisory Board member in different companies.

저자에 대해

최신 블로그

a man and a woman looking at a laptop

랜섬웨어 시대 캠퍼스 사이버 보안에 맞서다

캠퍼스 사이버 보안 위협을 줄이기 위한 전략을 사용하면 악의적인 사용자 액세스를 제한하고 노출을 줄이는 데 도움이 될 수 있습니다. 

Blog 1200x299
Autonomous Network

Wi-Fi 6란 무엇이며 왜 관심을 가져야 할까요?

802.11 ax는 차세대 무선 네트워크 표준인 Wi-Fi 6입니다. 이 표준의 이점에 대해 읽어보고 팟캐스트에서 전문가들의 의견을 들어보세요.

Blog 1200x299

비즈니스 운영과 직원의 안전을 동시에 유지하는 법

위기의 시대에 간단하고 안전한 원격 네트워킹 솔루션으로 끈김없는 비즈니스 운영과 직원의 안전을 동시에 실현할 수 있습니다.


강력한 공용 Wi-Fi 네트워크를 구축하는 방법

모바일 및 IoT 연결의 보편화가 도시의 Wi-Fi 환경에 부담을 가중하고 있습니다.  아래에서 강력한 공용 Wi-Fi 네트워크를 구축하는 방법에 대해 알아보세요.

Tags - Rainbow, 보안