IBM is revamping how it manages data stored in one of its European cloud computing data centers, giving customers more control and transparency over where their data lives and who has access to it.
Concerns about data security continue to dominate the cloud industry, as more large corporations migrate applications and sensitive customer information over to the cloud.
Europeans regulators and cloud customers in particular have long been skeptical of how American tech companies handle their data. And in response all the major cloud providers, from Amazon to Google to Microsoft, have built data centers in Europe or relocated data to European servers to comply with strict E.U. privacy requirements.
In a blog post this week, the head of IBM’s European cloud unit says Big Blue is trying to address “all-time high” data security concerns in Europe as cloud companies and customers prepare for sweeping new data privacy rules to kick in.
To do that, Krause says IBM will put in place new security implement new controls so that access to customer data in its Frankfurt data center is controlled exclusively by EU-based IBM employees. EU-based staff will also review and approve all changes from non-EU based employees that could affect client data. IBM also said it is adding to its customer support teams in Europe. The changes will go into effect next month.
“Every day, I hear from a wide range of global clients across every industry that they need tighter controls and visibility into where their data is stored and processed in the cloud,” Sebastian Krause, general manager of IBM Cloud Europe, wrote in the blog post. “However, they don’t want to be slowed down when they decide to tap into higher-value cloud services that can drive their businesses forward.”
Germany already has what is considered as some of the strongest data privacy legislation in the world. New privacy rules in the E.U., specifically the General Data Protection Regulation, further strengthen data protection throughout Europe and impose the threat of huge fines that could be leveled against cloud providers. The new regulation goes into effect in May.
American cloud providers have long been under the microscope in Europe over fears that U.S. law enforcement could compel the release of data, even if that data is not stored in the United States. To address those concerns, some American cloud providers such as Microsoft have started offering data services from new European data centers, where the data cannot be accessed without a customer’s permission.
IBM says it already allows customers to decide where their data is located in the cloud, but the new access rules to put data under the control of EU-based staff only will take “that a step further.”
IBM has 16 cloud data centers in Europe, including facilities France, Italy, the Netherlands, Norway, Spain, Switzerland and the UK— and about 60 worldwide. Krause says the changes in Germany could be implemented in other locations in the future.
“While data privacy is especially important in Europe, clients in many markets face regulatory pressures to protect their users’ data,” Krause wrote in the blog post. “IBM plans to take the improvements outlined here and adopt them across other IBM locations in the future.”