Today, Swedish as well as international companies have the opportunity to get their cloud-based IT operations handled by major suppliers such as AWS, Google and Azure. A service with security that is taken for granted. Something the customer always counts with is that the data stored with the supplier is always taken care of and may only be handled by the customer himself.
However, something we need to keep in mind today is the risk of having IT operations abroad. Regulations made in other countries that, for example, do not have the same relation to the Swedish and European GDPR legislation, may be a stopper for the confidentiality of one’s data abroad. An example taken today is the US Cloud Act, which went in effect on March 23, 2018. In short, Cloud Act means in that US IT service providers need to disclose data to US authorities when needed. An appeal by a Swedish company that stores data in the United States would not be valid in this case, which unfortunately may put the company at risk, depending on the type of company that is at jeopardy.
In an article written by eSam, they write about the risks that may appear with cloud services in the public sector. Swedish public companies using confidential data risk being unprotected to some extent, depending on the laws of each country where data centers are located and the data is stored.
It is only a matter of time before more companies in the Swedish public sector begin to see the risks of cloud services abroad. Then the question is how they will act. Will they see, for example, the Cloud Act as a clear threat to confidentiality or will you continue with the same setup.
Thanks to the opportunities, freedom and, above all, the cost-effectiveness of cloud-based IT operations, more companies choose to move to the cloud. Companies are now also looking for the safest cloud service. Companies that have begun to look at cloud IT options are starting to become more aware of the risks of foreign cloud services and turn the binoculars towards the Swedish suppliers.