The slippery slope of data sovereignty was brought into the limelight again recently with the news that certain Canadian government agencies were entertaining discussions to store secret Canadian data on US-based hyperscale clouds - forbidden by current Canadian Federal policy. These discussions centered around the use of encryption to ensure that this data remained secret - with the premise being that as long as Canada held the keys to the encryption, the data would be safe. Encryption has also been front and center in many discussions concerning readiness for the EU General Data Protection Regulation (GDPR), already approved, and due to be enforced beginning in May 2018.

cloud.ca Infrastructure Enables Rapid Growth of Innovative Company

Summary

CWP Energy sought to:

• Off-load its IT demands (web applications and virtual desktops) to trusted partners
• Integrate data flow between its data mining applications and financial software
• Enable the company to expand to new locations and triple its number of employees in the next five years

With the increasing maturity of cloud.ca in the Canadian market and the recent revocation of the EU Safe Harbour agreement for US-based companies, the time was right to assess and report on the state of jurisdictional compliance and data sovereignty in Canada and how it relates to the cloud. In general, global software companies, globalized enterprise shared services, and government related organizations are driving large demand for Canadian owned and operated cloud infrastructure, and we are excited about the future of delivering secure API-centric utility infrastructure, unlocking agility and cost effective IT.

Rules of the new on-demand architecture

Cloud computing represents a significant shift in IT strategy. Now that applications run on virtual infrastructure—independent of the underlying machinery—they are portable and therefore give third-party providers the opportunity to sell computing as a utility.

Image credit: XKCD

What happened?

Amazon Web Services experienced a service disruption for 8 hours and 33 minutes on Sunday, September 20, 2015, from 2:19 AM PDT to 10:52 AM PDT. The outage, which affected its US-EAST–1 North Virginia location, began with a network disruption that significantly increased error rates on Amazon’s DynamoDB (NoSQL database) service. This led to a cascade whereby some 37 other AWS services would begin to falter and show increased error rates for API requests.

cloud.ca, Canada’s cloud Infrastructure as a Service (IaaS), has earned its SOC 2 type 1 certification.

Renewable energy has been the hot topic in the cloud industry lately. Data centres for big players like Amazon Web Services (AWS), Microsoft and Google require a lot of power, and I mean a LOT of power. One data centre consumes the equivalent energy of about 25,000 homes per year. Data centres are major sources of energy consumption and there is growing pressure on companies to be more socially responsible and to operate sustainably.

CloudOps has been helping companies leverage the power of cloud services for nearly as long as cloud services have been around. We were early adopters and evangelists of AWS and open source cloud technologies such as OpenStack, CloudStack and Docker. We understood the value of API-driven, self-service scalable infrastructure, and so did our customers. However, as the industry matured, we kept getting the same question: can I do this in Canada?

Image credit: Jessica Borutski

Recent European Union data protection regulation is pushing clouds back to the new world.

10 ms away from the Patriot Act

Many of the early adopters of our Canadian IaaS, cloud.ca, were organizations that write software and want to run it inside Canadian legal jurisdiction because they or their customers prefer Canada's laws for data protection and data privacy.

CloudOps is often asked to provide proposals for organizations migrating to cloud IaaS from their local or self-managed physical servers by people very experienced with virtualization, SANs and dedicated servers. Questions frequently come up about what level of RAID we use in cloud storage and how long it takes to increase the storage amount available to a server. There is also concern with using network storage, as it is perceived to be slower.