Embassies have been havens for the people of countries they represent for hundreds of years, helping reduce some risks that their citizens can face when traveling and living abroad. The concept of reducing risk with an embassy has been extended to data in the digital world, made possible by the flexible, distributed nature of the cloud.
From our partners:
The infrastructure of a data embassy
There are several components that comprise a data embassy. A data embassy must have a secure, resilient data infrastructure that can protect a nation’s data from cyber and physical threats. They should have a robust mechanism to ensure efficient data back-up and fail-over, as well.
Data embassies must also have an agreement with a trusted partner that covers technical and contractual measures to ensure the confidentiality, integrity, and availability of the data stored in that facility. Importantly, the agreement must also delegate a certain level of control over the data.
Rather than storing your data in one facility, where it can still be vulnerable, the nature of cloud technology can encourage governments to take advantage of a global infrastructure that provides maximum reliability and resilience.
Cloud technologies now allow organizations to put in place such data backups and replicated services, even over vast geographic distances. The diplomatic agreement between the home country and the host country establishes three pillars of sovereignty on the recovery site:
- Data Sovereignty: The home country retains access and control over its data, which is protected and not subject to the host country’s jurisdiction. This can be accomplished through the nation’s control of the encryption keys used to unlock the data.
- Operational Sovereignty: The home country has continuous visibility and control over the provider operations and can maintain its services even during extreme scenarios.
- Software Sovereignty: The home country can choose the technical stack on which it operates, without depending on the provider’s software.
This sovereignty approach through the data embassy model contrasts with the sovereignty requirements blossoming in several countries in Europe and beyond, mostly based on the strict requirement for data residency. The two implementations do not address the same risks but share the same goal of preserving digital sovereignty. For example, some countries in Eastern Europe have regulations requiring sensitive data to be stored in their national territory. Since the beginning of the war in Ukraine, their risk model has radically changed.
The mandatory storage of data within strict geographical boundaries may be a hurdle to maintain the security level and the resilience of data and services. At Google Cloud, we support data residency controls for customers who need to keep data in a specific location for compliance or reliability reasons.
However, for customers who need to back up or replicate data outside the region, we support additional controls including robust cryptography and customer control over the encryption keys. Using Google Cloud’s innovative customer-managed external key management (EKM) and key access justification (KAJ) tools, customers have ultimate control over access to their data, regardless of where it is geographically located. This allows our customers to enforce strict access controls without sacrificing the security and resilience benefits of a global cloud infrastructure.
These concepts can actually be implemented in a complementary fashion. We have observed during the last decade how cloud technologies have remodeled approaches to business continuity. The same evolution may occur in the following years in sovereignty.
Data embassies create a new approach to securing data by leveraging diplomatic agreements bolstered by cloud technology solutions. We expect that the concept of digital embassies will grow organically over time, as different organizations and their host countries work out legal details. We expect more organizations to join the digital embassy movement, partnering with a trusted host country to develop the legal framework required to become trusted hosts.
Of course, a defensive posture for cybersecurity risk is not built upon one single measure but on multiple capabilities comping together to provide defense in depth. Data embassies may find their place in a resilience strategy within a definition of sovereignty that embraces a mixed ecology of solutions to facilitate European government and citizen control over their data. Embassies and robust customer-controlled encryption offer a sovereign solution that can be achieved without the trade-offs associated with turning away from global cloud infrastructure. These solutions will form part of the toolkit providing alternatives to nation states for whom highly localized storage does not achieve continuity nor resilience.
To conclude, the drive for more sovereignty, and in particular data sovereignty, is here to stay. As cloud computing evolves, and as geopolitical frictions show no sign of subsiding, digital embassies or similar approaches to citizen data are expected to mature and perhaps become mainstream in the coming years.
To learn more about data embassies, please contact the Google Cybersecurity Action Team and read our digital sovereignty announcements from this year’s Google Cloud Next as well as listen to our Demystify Data Sovereignty and Sovereign Cloud podcast.
By: Thiébaut Meyer (Director, Office of the CISO)
Source: Google Cloud Blog
For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!
Our humans need coffee too! Your support is highly appreciated, thank you!