A multinational retailer processes customer orders on several public cloud platforms. Due to regional privacy laws, personally identifiable information (PII) collected in each country must never leave that country's borders, even for backup or analytics. Which strategy best satisfies this geographic data-residency requirement?
Protect data with advanced credentials and a robust login policy
Deploy widely distributed servers that automatically copy data to any node
Use a hosting service physically located in each region to store local records
Rely on customized encryption keys stored in a different territory
Keeping each country's PII solely in a data center or sovereign cloud region that is physically located within that country prevents the data from crossing borders, fulfilling location-based compliance obligations. Strong authentication controls improve confidentiality but cannot guarantee the storage location. Encrypting data or storing keys elsewhere still allows the ciphertext to reside anywhere. Automatically replicating data to global nodes directly violates a strict residency mandate.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why do some countries require data to be stored locally?
Open an interactive chat with Bash
What is the role of hosting services in data localization?
Open an interactive chat with Bash
How does data replication differ from data localization?