Achieving Data Sovereignty in a Unique Solution by WISeKey
Public Sector Institutions, Cloud Computing and the Data Sovereignty Problem
Like individuals and companies, public sector institutions (such as governments, international organizations and others) are also seeing the benefit of having their information systems hosted out of third party data centers and even in the form of “Cloud Services”, Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), or other such models. Ultimately this means giving up the verticality of the control public sector institutions have historically liked to maintain over their data and archives. The reason for this is that Cloud Computing in very basic terms means that such institutions do not own the physical infrastructure, the software or the services used but rents or outsources them in some form from a service provider, which ends up looking something like this:
Such loss of control may go unnoticed in some cases and in others, even if it is known, the sheer benefits afforded by such services, outweigh the risks.
Unfortunately, important policy questions arise when, for example, a government’s critical information and services is no longer under its full control and may even be outside of its borders, resulting in it being accessible by other governments through search warrants or other such legal mechanisms (under the law of the data center in which the data is being hosted). Examples abound of police bodies of many countries accessing data centers as part of an investigation and simply carting away servers from the data centers and knowingly or not, taking data from multiple sources with them, including data of foreign governments. Many government officials may not be aware of this threat but most IT professionals certainly should be. Essentially, a government is losing sovereignty over their data and IT systems.
Nowadays, public sector institutions wishing to benefit from Cloud Computing will probably find themselves in one of two situations:
- they already have abundant data center infrastructure and IT systems but are seeking to benefit from the advantages of Cloud Computing in general or for specific applications, platforms or services;
- they do not yet have any significant or reliable infrastructure or IT systems to satisfy the needs of a modern government services provision and are therefore looking to put it in place.
In both cases they are seeking the most effective approach to evolving at least some of their information systems towards Cloud Computing and other forms of outsourcing but both cases also suffer from the lack of retention of true sovereignty over their data.
WISeKey's Solution:
What if Data Sovereignty could be Maintained in Cloud Computing?
What if despite using Cloud Computing, the data and IT systems could be hosted within the Cloud in a manner that ensured the sovereignty of the Government over the data and IT systems to the extent that such data was deemed to be hosted within a government data center, even if physically processed and located and elsewhere?
This is precisely what the OISTE Foundation and WISeKey can help public institutions. WISeKey´s solution is built on a four-layer framework addressing legal, policy/operational, infrastructural, and technological issues that allow such entities to host their IT platforms from unique state-of-the-art data centers.
For further information, please contact WISeKey experts at sales@wisekey.com