The need for data proximity globally

9 April 2018  |  Laurent Guyot 

The transition from on-premise to cloud-based server solutions is well underway as companies recognise their ease of management, scalability, flexibility, security and significant cost benefits. Whereas deciding where to house in the cloud was initially driven by technical or cloud availability, this has now shifted to meet ever evolving legal and regulatory data protection policies globally. As a result, we expect a greater use of multiple region cloud hosting solutions, even at individual country level, to ensure data is where it is required. Qwil Messenger’s secured chat platform’s proprietary technology has been engineered to allow companies to host according to their individual needs whilst sharing the common platform and app.

Location and multi-locations key to provide the speed and performance demanded 

Not putting all your eggs in the same basket also applies to cloud servers. It is only recently that large instant messaging apps, collaboration platforms and file storage services have increased the number of server location (although mostly keeping them in the U.S.) in order to address the following demands:

- Speed / user latency: End users demand speed with even very slight delays impacts the user experience / adoption. Having data centres close to the end-user is critical and the ability to send data to different regions helps to optimise this. 

- Reliability and back-up plans: Having data servers situated in independent locations close enough to minimise latency but far enough geographically to not suffer from associated power, network or weather related outages. 

- Expertise of provider: Although each cloud provider has its specialisation, a few selected providers (AWS, Azure) are leading the way in providing functionality, geographical presence and best in class security. A multi-region approach rather than multi-provider is usually used to limit the concentration risk.

However, relying on cross border treaties and privacy shields for international data transfers has its limitations.

Local legal and regulatory privacy policies are recreating borders

The cloud has fundamentally changed the shape of the data storage with no longer geographical constraints imposed by physical servers. Nevertheless, this data is still confined by the laws and regulations in the country in which it is stored, flows through or needs to be hosted. 

As witnessed by the case Microsoft being sued by U.S. Fed to gain access to emails, Microsoft only provided the metadata (e.g. subject’s address book) that was hosted on U.S. servers but not the contents of the emails themselves which were stored in the Irish data centre. Microsoft took the position that the Fed would have to follow the mutual legal assistance treaties (MLATs) process instead with the Irish authorities to obtain access to the emails. Whatever the outcome of the current legal battles, authorities will increasingly ensure data is available at their request directly without going through diplomatic means. 

To make matters worse, there may be legal obligations to protect data in one jurisdiction but hand it over in another. In December 2017, French data protection regulator (CNIL) served notice to WhatsApp giving after it refused to provide a sample of the data collected from EU citizens – WhatsApp believing it only had to comply with U.S. Laws as the data was being stored in the U.S.. WhatsApp has therefore been given one month to comply with the demands or it may face sanctions for violating the French data protection act.  

With ever-changing global data laws, companies must retain the full control of their data and fully utilise the multi-jurisdictional ability offered cloud providers to meet these demands. It also has to ensure that any 3rd party service can allow the company to continue to meet these same demands for security, access and data protection. Saying the “data is always yours” whilst having to request it under U.S. law, is not the same as having the data hosted in the company’s country with full ownership of data and encryption keys.

Why is this relevant for business communications and chat?

Effective business chat conversations require a highly dependable service, performance and speed. Having to watch the “is typing” message whilst a response is travelling through the internet (as per the poor user experience of live chat), risking suffering from outages due to server issues or 3rd party intervention (bans, limitations) may simply affect user experience for social chats, but are inconceivable for professional conversations. 

In addition, when considering regulated conversations, there may be more than one company (or in more than one jurisdiction) required to retain the full audit trail and recording – for example a three-way chat with a private banker in Switzerland, a client based in Germany and a UK lawyer. In this case, three data centres would be required whilst needing to be coordinated on one platform.   

How does Qwil Messenger meet the above requirements?

Qwil Messenger enables companies to choose the location where the backend database and server based API services are physically hosted to meet regulatory and security requirements. Every chat message, its associated metadata, as well as every administrative action performed on the platform is audited, recorded and reviewable by authorised personnel in our platform. 

We have developed a significant body of intellectual property related to our complex architecture and cloud deployment technologies to support a global multi-tenant platform, through one single app, that is both vertically and horizontally scaled. This includes the methods and techniques to make a highly available and resilient, distributed chat service safe and compliant for businesses in any jurisdiction.

Qwil Messenger solves the challenge of making chat safe and compliant when it matters most

Qwil Messenger is a branded, multi-tenant platform designed specifically for firms who need to manage financial crime and fraud risks, as well as meet recording and auditing obligations. 

To achieve the high standards required, Qwil Messenger has been engineered from the ground up to ensure each user’s identity is verified & trusted, their privacy maintained, and business data kept securely protected and hosted in line with regulatory requirements. Unique chat participation rules enable trusted parties to flexibly facilitate conversations as and when appropriate. 

Unlike other internal chat solutions, Qwil Messenger’s single app provides a superior, branded chat experience that is both convenient and familiar for staff, clients and partners. At the same time, users can also safely maximise the benefits associated with what is the most popular and fastest growing form of electronic communication globally. Further information about Qwil Messenger can be found at www.qwilmessenger.com

Further information about Qwil Messenger can be found at www.qwilmessenger.com

Interested in learning more?

Send us a request for more details or to see our solution in action

Get in touch
Follow us

© Copyright 2020  - All rights reserved.