Ensuring that data remains within a given country or region is an effective risk management strategy.
Companies are increasingly demanding that their data be processed in the same region to which the company belongs. In particular, a survey conducted by WithSecure among more than 3,000 ICT managers in a dozen countries shows that 38% of them are in line with this requirement, with 35% demanding that data be processed in the same country where the company operates.
European countries have the highest incidence of this requirement, with the majority of countries requiring data to be processed in their country or region being Belgium, Denmark, Finland, Germany, the Netherlands, Norway, Denmark, the United Kingdom and the United Kingdom. In the case of France and Sweden, opinions are divided on this issue.
In the United States and Japan there is a majority tendency to process data in their own countries, in contrast to Canada (27%) and Norway (21%), where there is less of a habit of processing data within their own countries.
As Paul Brucciani, cybersecurity consultant at WithSecure, explains, “Managing data privacy risk in different parts of the world is a headache for organisations. And people care more about how their data is used these days: how it is collected, processed and accessed is an important consideration regardless of local laws. Ensuring that data stays within a given country or region is an effective risk management strategy and a potential selling point for organisations.”