In the world of IT, we usually draw explicit lines when it comes to data ownership. In years past, your corporate data was on your boxes in your corporate data center.
There was never any question about where your data was, much less who owned it.
With today’s migration toward the Cloud, organizations accustomed to clear-cut definitions of ownership have found themselves on uncertain ground. After all, if data is stored on someone else’s servers rather than those in-house, who actually has control over the data? And for that matter, where IS the data?
Understanding Cloud Ownership
Depending on the vendor that you’ve chosen to leverage, you should still maintain complete ownership of your data. This is true for businesses regardless of whether they’ve chosen a complete transition into a Cloud Unified Communications (UC) environment, or have opted for a hybrid Cloud model.
In either case, your contract should stipulate that you still own and control 100 percent of your data. There should be nothing ambiguous about this ownership. If you feel uncertain or are considering going with a Cloud vendor who does not explicitly define data ownership in their contract, run away. Data ownership is vital for your business health, safety, and overall growth — don’t take it lightly.
Understanding Data Control
While your business owns your data, your chosen Cloud Service vendor has ultimate control over it. This means that if they are required to turn over data in order to comply with legal regulations, they will do so.
On the flip side, this control over your data also makes securing it against misuse their responsibility. For example, they are culpable for data breaches that result in credit card information being accessed illegally.
Normally, your business (and your IT department) would be legally and financially responsible for the losses. Because your Cloud UC vendor contractually agrees to be responsible for your data, this responsibility is passed to them. (Be sure to review your contract for further details regarding financial and legal responsibility in the event of data loss.)
The final vital area of data control relates to data that is deleted due to a termed vendor contract. Most UC Cloud vendors will allow a grace period in which you may retrieve your records. This period may be as short as 48 hours and may be as long as two full months.
If your records are not obtained within this timeframe, your Cloud vendor will delete all of your data. Needless to say, this loss is not an option for any business. Be sure that you understand these terms before signing with a Cloud vendor and absolutely before you term services.
Where Is Your Data Located?
This varies according to your individual Cloud vendor provider. Cloud vendors typically store your business data in multiple locations in order to best ensure availability. But exactly where and which servers are not necessarily something that they will specify for you. If you want to know the city, state, and the number of the server room in which file XYZ is being held, you’re better off staying with an on-premise solution.
But if it’s just the country or state that you’d like to know, you may reasonably expect this information to be provided by your Cloud vendor.
In the event that your data is being held overseas, keep in mind that it will be subject to corresponding national and international laws. For example, data held in the EU will be subject to the EU Data Protection Directive, to which your Cloud UC vendor is required to confirm.
Have more questions on where your business information is located and who owns it? Contact our support team or your account rep to learn more.