Compliance on the Decentralized Cloud
Data sovereignty has become a hot issue for chief information security officers (CISOs) with the General Data Protection Regulation (GDPR) and other laws and compliance measures emerging in multiple countries. If your organization needs to comply with data sovereignty rules, Storj Decentralized Cloud Services (DCS) has you covered. As a decentralized network, Storj DCS takes a unique approach to object file storage that delivers significant resiliency, security, performance, and cost advantages over legacy centralized cloud platforms. And even though those advantages are made possible by its inherent distributed nature, Storj DCS is the only storage network that delivers the power of decentralization with the added ability to also offer data sovereignty control through its geofencing capabilities.
How Data Sovereignty with Storj DCS Works
By default, Storj DCS uses Reed Solomon erasure coding that automatically splits each object file into 80 or more encrypted pieces across 13,500 geographically diverse nodes and ISPs across the globe. In turn, the reconstruction of an encrypted file only requires 29 of those 80 pieces. The erasure coding methodology that DCS uses to split, distribute, and reconstruct object files enables it to achieve enterprise-grade 99.95% data availability, unrivaled resiliency, unmatched security and immutability, high-speed multi-parallelism throughput, and dramatic storage cost savings. But what if you don’t want your data distributed globally? What if you need to make sure your data only gets stored in a certain country or region of the world?
With the geofencing capabilities in Storj DCS, you can designate where you want your data stored by country or global region. Currently geofencing is implemented at the bucket level. Future iterations may support object-level geofencing. Since Storj knows and continually audits the location of each of its storage nodes’ IP addresses, it can guarantee your data gets stored where you want when you invoke geofencing. Furthermore, to make sure a storage node owner doesn’t try to mask its location through the use of a VPN, Storj DCS blocks VPN shielded nodes from being able to host geofenced data.
Since Storj wants customers to be able to reap the full resiliency and performance benefits that global decentralization provides, the usage of geofencing is recommended only for those organizations that truly have data sovereignty concerns or compliance requirements. Even so, those who use geofencing with Storj DCS will have no negative impact on resiliency and performance in areas where there are high concentrations of distributed storage nodes (See table 1). Customers can select entire regions, such as the European Union, or a combination of regions and countries.