data residency

Data residency refers to the physical or geographic location of an organization's data or information. Similar to data sovereignty, data residency also refers to the legal or regulatory requirements imposed on data based on the country or region in which it resides.

Download this free guide

Combat the Latest Cloud Security Challenges and Risk

Enterprises continue to put cloud security strategies at the top of their to-do lists. Learn the latest cloud security risks and trends, as well as tips to secure your deployment.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Cloud computing, which allows businesses to deliver hosted services over the Internet, can create data residency concerns. With cloud computing, users are often unaware of their data's physical location, as cloud providers store data globally across different data center locations. Therefore, users need to be aware of their data's local residency laws and regulations. To do this, users need to know where their cloud provider's data centers are located across the globe and research the different data residency policies for each respective location. Additionally, cloud users should try to ensure their service-level agreements (SLAs) with cloud providers establish where their data can and cannot be stored.

There are many government policies and regulations that deal specifically with data privacy and residency issues. The Health Insurance Portability and Accountability Act (HIPAA) is a data privacy and security law designed to protect medical information. Payment Card Industry Data Security Standard (PCI DSS) is a set of policies to secure credit and debit cardholder information. Outside of the United States, data residency and privacy regulations include Germany's Federal Data Protection Act and the United Kingdom's Data Protection Act.

To protect data from unwanted access regardless of its geographic location, organizations can use cloud data encryption tools. Cloud encryption services transform user data into ciphertext before it's stored in the cloud. Cloud encryption service vendors include CipherCloud, Vormetric and Perspecsys, among others.

In April 2015, the Object Management Group (OMG) created the Data Residency Working Group to study data residency issues, including how to control and document data within cloud computing environments.