Data Sovereignty in the UK

Data sovereignty is about more than control Growing awareness and demand for data sovereignty is an opportunity for organisations to simplify data hosting and management In recent years the word sovereignty has become prevalent in the daily lexicon of life, as geopolitical events reshape society and business. For the business technology leader, data sovereignty is set to become one of the key topics they will need to address in the coming months and years. At the heart of data sovereignty are issues of economic prosperity, protectionism and the security of individuals, organisations and nations, and this is why data sovereignty will be an issue business technology leaders will need to grapple with. Data has become a highly valued resource because data enables individuals, companies and nations to evolve and develop, so control is essential. The rapid growth of social media giants and global eCommerce platforms demonstrate this clearly. For business technology leaders, who are now tasked with so much more than just operating the IT, strong data management is therefore vital to ensure the business can use its data resources to grow. Data sovereignty, therefore, touches three key topics of business leadership in the 2020s, deriving business value from data, security (something the consumer and regulators demand and thus secures the sustainability of the business), and thirdly the implications of Brexit. A complication of data sovereignty is that organisational data is not only stored in the UK, for example, but that data is bound by the laws of the nation holding the data. For some customers or partners, having personal identifiable data travelling through other countries will be highly problematic, so data sovereignty provides an additional layer of customer service and good business practice. Especially as organisations can then set strong governance practices around that data, and how it is used. Getting to good data sovereignty begins with having a strong understanding of where the organisational data resides, and where that data could reside. This means analysing the data journeys in your organisation, working out where the data enters the business, how it moves, why it moves, what processes that data supports and has to go through, and any transformations the data has to undergo. Once an organisation understands its data, it can then place the data into a sovereign setting. Data sovereignty also provides organisations with a route to simplification. Not only has the data been fully understood, but in moving it to a sovereign status in a data centre within a sovereign state, the organisation has also reduced the number of regulatory hurdles that have to be navigated. The data is bound to the laws of the sovereign state. Having data spread across the regions of the world means compliance levels for each and every one of those regions, and this adds to the complexity of the business. In the UK Brexit could create some complexity, but as things stand at present, it looks very likely that the UK will adopt the vast majority of the practices within GDPR, the European regulation brought into power in 2018. Hosting the organisation’s data in a UK data centre does simplify the information management for the business. It is important to remember here though, that for many organisations, a blended approach to data centre hosting is the most efficient model. In terms of data sovereignty, we are increasingly working with organisations that require a menu approach to data sovereignty, and data centre hosting, with certain services being delivered by different service providers from different data centres. Again, the simplicity delivered by data sovereignty benefits the menu approach to data centre and cloud services selection, as there is a single source for the data and a set of strict governance around that data. SCC understand the importance to give our customers the options to hold their data in the required place and manage its sovereignty as well as its security. Our UK based Data centres allow them to keep the data close if needed. CIOs and CTOs are demanding greater transparency and demonstrations of data sovereignty in the proposals for data centre services – and we welcome this. The data breaches that have hit the headlines in recent years have educated the customer. Data needs to flow to provide the services the customer expects and to deliver efficient business, but not at the cost of the security and sovereignty of personal or valuable data. SCC’s partner ServiceNow, the leading digital workflow company, is increasing investment in its data centre infrastructure by developing new facilities in two new locations: Newport, United Kingdom and Dublin, Ireland. This investment will continue to support customers’ digital transformation journeys and help customers navigate the post-Brexit landscape. These new data centres will establish two new pairings for the hosting of customer instances: an UK sovereign pair between London and Newport, and a EU sovereign pair between Amsterdam and Dublin. These new data centre pairings will form part of ServiceNow’s Advanced High Availability Architecture and will continue to ensure the scalability of its cloud services. This investment takes ServiceNow’s global data centre pairs to 11, spanning five continents, and supported by six global support centres to serve customers’ digital transformation needs. SCC who use ServiceNow to support its own UK based Data Centres services as well as the other IT Services see the importance of understanding and controlling its and customer’s data’s sovereignty, and have moved its own ServiceNow to these UK based data centres. SCC is also a partner of ServiceNow and provides support and advice to customers of ServiceNow. Data Sovereignty Webinar from SCC on Vimeo.