From now on, NordLocker Business users can choose where they want to store their files — the United States (the state of Virginia) or the European Union (Germany). “This feature was highly requested by our business customers, and we are very excited that we are now able to offer it. Our product team is always focused on listening to our customers and shaping the product according to their needs,” says Aivaras Vencevicius, head of product at NordLocker.
Why is file residency important?
Businesses might choose to store their files for a variety of different reasons, such as:
- Tax benefits. Some governments offer more advantageous taxation for a business ensuring a significant part of its operations stay within the country.
- Client requirements. A business may choose to include data residency in its policy for transparency about data storage.
- Financial considerations. Businesses may choose to host data in a specific country due to cheaper operating costs as well as the possibility of a beneficial regulatory environment.
Complying with legal requirements
There are a variety of different legal requirements that businesses need to pay attention to when it comes to data. Aivaras Vencevicius highlights a few of the most important examples:
If a company works with the US government, specific data residency requirements may be stipulated in the contract. For example, government contracts may restrict the storage and processing of sensitive data outside the United States.
The Gramm-Leach-Bliley Act (GLBA) in the US is another example. The GLBA applies to financial institutions and requires them to protect the privacy and security of customer information, including personally identifiable information. While it doesn’t mention data residency explicitly, financial institutions need to implement appropriate safeguards for data protection, such as ensuring data storage within the country.
The EU has similar requirements. The German Federal Data Protection Act regulates data residency in Germany, or the Bundesdatenschutzgesetz or BDSG. Data localization laws require that the data originating from Germany stays within Germany’s borders. Also, German laws have specific data residency regulations for financial records, employment contracts, customer data, medical records, and legal documents. For instance, some financial records might need to be retained longer than general business correspondence.
As for the European Union, the transfer of personal data across the EU’s borders is regulated by Articles 44-50 of the GDPR. According to the regulation, before the data can be transferred within the EU, EEA, or to a trusted country, businesses must be able to confirm that the country has an appropriate level of data protection.
How can NordLocker users migrate their files?
In order to migrate their files and change their data residency, NordLocker users need to contact support or their account manager. The migration will then be done for the client. In the near future, NordLocker customers will be able to perform this action themselves through the Business Admin Panel and schedule migration for their preferred time.