For European cloud users, there is an unsolved, if not unsolvable problem: who owns the data when it matters? While in the European Union there is a demanding set of rules for the protection of personal data in the form of the Basic Data Protection Regulation, and in Switzerland there are comparable principles, in the USA the Cloud Act is the opposite. According to the Act, US authorities can demand that US cloud providers surrender data that they have actually hosted on behalf of their customers in the event of suspicion. This also applies if these data are stored on a server in Europe and therefore not on the territory of the United States. In the event of a case, Google, Amazon or Microsoft would have to do exactly what European law forbids them to do: hand over critical customer data to the US authorities!
Many mid-sized companies don’t feel comfortable with the idea that their data is not stored on a server in their own country. Microsoft, for example, has now opened two data center regions each in Germany (Berlin and Frankfurt) and Switzerland (Geneva and Zurich) and has already established well-known users there in the form of Deutsche Telekom, SAP, UBS and City of Zug. The server farms are called “regions” because they are distributed across several locations in the region and are thus additionally protected against attacks from outside.
While offers like these give the good feeling that the data is now stored in Germany and Switzerland, they still do not provide protection against the US Cloud Act. The only thing that helps is to choose a local provider. However, their equipment is often less advanced than that of Amazon Web Services and Microsoft Azure, for example. A vicious circle.
In fact, however, hybrid cloud infrastructures can offer a way out. After that, the applications are at the cloud service provider. But the data remains on their own servers. With the actesy metadata framework, such a hybrid solution can be implemented without disrupting ongoing operations. For this purpose, the data is read into the framework’s own flat database. This even has the advantage that with the actesy metadata framework new data links between the applications become possible. This is especially worthwhile when additional networked systems come into play – for example through digital devices in the Internet of Things.
So while the data remains with the customer, the cloud providers lose access to the data. So in the event of a case, they cannot even comply with the US authorities’ request under the Cloud Act. The actesy metadata framework thus offers a high level of protection against third-party access. Furthermore, with your own actesy Rights Management you can carefully assign access rights to users, user groups and user roles even in the hybrid cloud.
With the actesy metadata framework, we have combined the experiences of three decades in distributed application worlds into a powerful management tool that links digital worlds at application, process and data level. What can we do for you?
We look forward to hearing from you at firstname.lastname@example.org
See you on your next digital project!