#CyberFLASH: Canada’s cloud computing strategy calls for no cross-border data storage

1297454168430_ORIGINALKeeping data inside Canada’s borders is a key consideration in the federal government’s cloud computing strategy.

Public Works and Government Services Canada’s Request for Information seeking industry feedback on how the government can use and deliver cloud computing services to Canadians, outlined some of the requirements that potential providers would likely face.

The deadline for submission to the RFI expired on January 30 and it is unlikely that the public will have access to the submission since the RFI includes a non-disclosure agreement.

However, the RFI itself sheds some light into the government’s data encryption and cloud storage concerns.

Public works wanted to find out from industry if the following strategies for “reducing Canada’s risk associated with contracting cloud services” were viable as well as what challenges could be present and what alternative solutions should be considered:

  • Require that all domestic data traffic be routed exclusively through Canada;
  • Require that all databases in which data is stored be running on servers located in Canada;
  • Ensure that there are no connections from the Canadian database(s)/servers to any supplier database located outside Canada, with no way (short of hacking) of accessing the Canadian database(s) from a location outside of Canada;
  • Encrypt the data (in transit and at rest) and ensure that encryption keys are held only by Canada;
  • Require physical segregation of Canada’s data as part of the design of the solution

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.