Data Masking/Tokenization/Anonymization replaces sensitive information with fictitious data while retaining the original data format. The data masking process lets you continue to work with your data as if it were not encrypted. Databases, business applications and collaboration software continue to work as if the data was real, but unauthorized personnel only have access to the fake data and can’t extract meaningful sensitive information.
Jurisdictions around the world, including the European Union and Canada, are enacting laws and creating regulations forcing companies that collect personally identifiable information (PII) to store the data of their residents within their national boundaries. This concept is known as data residency and the idea is that local privacy laws will apply to data stored locally. Since privacy laws differ depending on the jurisdiction, it makes sense that Europeans, for example, want to be protected by their own laws. The problem is that data residency has never provided this kind of protection and recent court rulings in San Francisco and Canada highlight this fact.
Countries are establishing data residency regulation to protect private and classified data generated from their citizen by mandating storing this information within that country (the country of origin). The theory is that the laws of the country in which the data is stored apply to that data. Large cloud providers such as Amazon, Microsoft, Salesforce are opening cloud data centers outside their home countries (Cloud Data Center Expansion Race) to satisfy these laws. The question is “Does Data Residency Reduce Cloud risks?