Originally posted on LinkedIn.
Some thoughts utilising my experience as a DevOps Consultant and Software Engineer and how we can improve technology use in business now using cloud, business analysis and better stakeholder engagement to drive better business outcomes for all.
Recently in NZ we have seen a number of IT infrastructure service providers promote their offerings as “private and public cloud” in New Zealand, “ensuring your data is safe”.
This is a red herring. Data is not safe because it sits in this country or that. The measure of how safe your data is can only be based on the entities that are responsible for your data -e.g. you, your IT staff, your employees, contractors, vendors and customers.
What level of controls and mechanisms you put in place when people are accessing data depends on the investment of time and thought placed on ensuring solid information security practices are followed.
Your data is safer in a public cloud provider such as Amazon by default because their data centres meet extremely stringent controls due to the various compliance programs they are a part of including ISO 27001:2013, the internationally recognised and widely adopted standard for information security.
Ask yourself how many NZ data centres could match the leading public cloud provider’s investment in information security. I’ll answer for you, it is ZERO.
Data moves and has no fixed physical location
What several NZ based infrastructure providers and IT consultants have long sold to customers is the illusion that data is a thing that has a fixed physical location. The reality is that as soon as data is accessed it becomes “in transit”. This is true of all data, at some point it is accessed for some reason.
Take for example the notion or false idea that email data is stored in country always. This is not true for most email data.