Salesforce data compliance lessons from Australia and Singapore

Data location buzzwords: what do data residency and sovereignty mean

The concepts of data residency and sovereignty have emerged as critical considerations in cybersecurity as compliance requirements have tightened due to company specific data policies or regional regulations.

Data residency refers to where data is stored. Whether it’s on a local server in a company’s headquarters or in cloud storage located halfway around the world, the physical location of data influences how it’s managed and protected.

Data sovereignty, however, is a bit more complex. Data sovereignty involves the laws that apply to data based on where it’s stored. Local laws dictate how data is managed, used, and secured, regardless of where the data’s owners are located.

We want to keep our data local – lessons from the Australian landscape

Complying with different regional data laws is a big task, especially for companies operating in multiple countries. Laws vary by region and what’s legal in one country might not be in another. Events such as significant breaches have also been seen to drive data residency prioritization.

Jussi Wäre, Vice President APAC of WithSecure Cloud Protection for Salesforce reflected on recent developments in the threat landscape, noting, “After significant data breaches such as OPTUS, a vast majority of Australian data found its way to the dark web. This alarming event led to a sharp increase in cybersecurity awareness. As a result, the emphasis on cybersecurity measures began to intensify swiftly.”

Respecting data residency and sovereignty isn’t just regulatory acrobatics; it’s about preserving reputation. A misstep? That’s the trust bridge burning. Therefore, understanding laws concerning data location and handling is crucial for maintaining trust and avoiding legal issues. In line with this, the sentiment from the public sector is highlighted by Wäre: “In the public sector, the pace has been rapid. There’s a strong push for data residency, and the message from government agencies is clear: they want their data kept local.”

WithSecure™ adapts to a global demand for data control in Australia and Singapore

Acknowledging these challenges, the Configurable Point of Presence has been introduced in WithSecure™ Cloud Protection for Salesforce, along with new data center locations in Australia and Singapore. This feature lets businesses choose where their data is processed, meeting regional data protection requirements.

Jussi Wäre emphasized the universality of this sentiment, noting, “There’s a same story both in Australia and in Singapore. Right from the get-go, public sector clients are saying, ‘Our data needs to stay in our country. No exceptions.’”

This control is critical today, as data residency impacts legal compliance, data speed, and security levels. With the ability to set the geographical point of presence for their Salesforce security data, companies can make informed decisions that fit their wider data residency and compliance plans. Wäre added, “While the private sector is also on board, it’s clear that the public side is setting the tone, turning ‘data residency’ from a nice-to-have into a non-negotiable.”

Benefits of controlling data processing location

Choosing Salesforce data residency locations goes beyond compliance. It involves improving performance, securing data, and planning business operations. Main benefits include:

• Compliance flexibility: Navigate global data protection laws by setting data residency to meet regional rules.
• Performance improvement: Decrease data delays by processing data nearer to its origin, improving efficiency.
• Stronger security: Lower risks during data transfer and limit exposure to various regulations. Customer Trust: Show strong data protection and compliance to build confidence.