Yesterday the Irish Times (no links from me to them because they hosted outside of Ireland after consulting a number of companies here in 2007) had an article that featured a government internal email from the Irish Department of Finance. It instructed the various departments and organisations within the government to be wary of using cloud services and it specifically mentioned Microsoft as an example. The reasons included security and Data Protection Act compliance.<\/p>\n
The problem is the USA Patriot Act. Any American owned hosting service or data centre, no matter what country it is in, must comply with the Patriot Act. That gives the USA federal government the right to demand instant access to any data hosted by that service. It doesn\u2019t matter if Amazon has a data centre in Ireland or if Microsoft has a data centre in Ireland or the Netherlands. They\u2019re both American, they both must comply with the Patriot Act, and therefore any organisation storing sensitive or personal information should not be using those services, or services hosted on those platforms for storing that data.<\/p>\n
An Irish owned SaaS application, with an Irish owned hosting company, in an Irish owned Data Centre are all fine for compliance in Ireland (substitute your own country where appropriate).<\/p>\n
This goes beyond government. It also applies to private businesses. I recently saw two SaaS companies, one dealing in the HR business and the other in the insurance industry, launch their services based in one of those American data centres in Ireland. Strictly speaking, and it would appear in the opinion of the Irish government, both of those companies are non-compliant. They would also put their customer who would subscribe to their applications into non-compliance.<\/p>\n
Is the scenario far fetched? Of course not. We know how intelligence agencies have misbehaved in the past. We also know that intelligence agencies have been used for corporate espionage.<\/p>\n
Also, forget Safe Harbour. The Patriot Act and the interests of intelligence services always override it.<\/p>\n
The solution is simple; find a locally owned SaaS company, locally owned hosting company, and\/or locally owned data centre when you are dealing with sensitive information.<\/p>\n
As the email from the Department of Finance said, consult legal advice when you are going online. Don\u2019t take a chance, don\u2019t believe a salesman (there is one company is quite slow to fess up when it comes to the Patriot Act and allows their customers to become non-compliance), and don\u2019t put your customers at risk. Especially don\u2019t believe the loud protests otherwise from the executives of a certain SaaS company that denies all of this (mainly because they did host in the USA and are vulnerable). If you get burned you\u2019ll lose your business or career. <\/p>\n
And don\u2019t believe me. Consult a legal expert on the Data Protection Act and the online industry. Then make your decision before choosing a platform, hosting company, data centre or SaaS application.<\/p>\n","protected":false},"excerpt":{"rendered":"
Yesterday the Irish Times (no links from me to them because they hosted outside of Ireland after consulting a number of companies here in 2007) had an article that featured a government internal email from the Irish Department of Finance. It instructed the various departments and organisations within the government to be wary of using … Continue reading “Irish Government Warns Against Using Microsoft Azure And Others”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[9],"tags":[],"class_list":["post-10367","post","type-post","status-publish","format-standard","hentry","category-commentary"],"aioseo_notices":[],"jetpack_featured_media_url":"","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/10367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10367"}],"version-history":[{"count":0,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/10367\/revisions"}],"wp:attachment":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}