Data Residency Compliance in 2 Steps

Do I Need to Change my SaaS Solutions? Achieving Data Residency Compliance in 2 Steps

Stefano Tempesta, Technical

Suppose you are working with customers in countries that enforce strict data residency requirements. In that case, you may need to adjust the way your business application, such as Salesforce or Dynamics 365, stores its data to comply with the relevant regulation.

For example, countries like Russia require that all companies operating in the country store Russian citizens' personal data on servers physically located in Russia. According to the law, while collecting personal data, the operator is obliged to ensure recording, systematization, accumulation, storage, clarification (updating, changing), and extraction of personal data of Russian citizens with the use of databases located on the territory of the Russian Federation. This requirement is especially relevant for organizations using cloud services located outside the Russian Federation, as is the case for Salesforce and Microsoft when running their respective CRM SaaS solutions.

Moreover, the law actually equates the depersonalization of personal data to destruction. Thus, the processed personal data must be destroyed or anonymized upon achieving the goals of processing or if achieving these goals is no longer necessary.

This poses the problem of handling PII (Personally Identifiable Information) in a way that:

  1. Data is stored on a server physically located in the country.
  2. Data is anonymized in the vendor's application (Salesforce, Dynamics 365).

Let's see how Connecting Software can help with these requirements by introducing a solution for transferring data into local storage and encrypting/decrypting this data as part of the process.

Step 1: Data Transfer

You must store any personal data entered in a SaaS application on storage that is physically located in the country (or an approved territory) to comply with data residency laws. You can achieve this in two steps:

  1. When data is entered in the SaaS application, you check whether it is personal data, that is, whether the information is sufficient to identify a person. If it is, the data is transferred to a database located in the country.
  2. The data is anonymized, and a reference key is returned to the application for storage in its own database.

Step 2: Data Anonymization

We need, however, to keep a copy in clear text of these anonymized values, something like a reference table that associates a Personal ID to its original value. This reference table should be persisted on a database located within the borders of the country in question.


Data is, therefore, intercepted by a browser add-in and transferred to a protected database within the country. The process, implemented in Connect Bridge, goes through a set of connections between the SaaS application, the APIs for anonymizing this information, and the final storage. Data, obviously, is protected with encryption in transit and at rest. The plain data is stored in the local database, and the anonymized version of it is stored inside the SaaS application.

The inverse process applies when reading data in a view of the SaaS application: the value stored in the specific field of the entity in the SaaS application is used to look up the actual value in the local database, which is then displayed on screen.
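The two steps above (transfer plus anonymization on write, lookup on read) are illustrated here as an added example; this is not Connect Bridge code or any Connecting Software product code. It assumes a tiny in-memory dictionary standing in for the in-country reference table, a field-name list plus an e-mail pattern as the personal-data check, and a random Personal ID that carries no information about the original value. Encryption at rest for the local table is assumed to be provided by the database, as the article states, and is not reimplemented here. Destroying a vault row is also shown, since the article notes that the law equates anonymization with destruction: once the clear text is deleted, the Personal ID left in the SaaS copy cannot be reversed.

```python
import re
import secrets

# Constructed for this example: field names treated as personal data.
PII_FIELDS = {"full_name", "email", "phone", "passport_no"}
# Catches e-mail addresses that land in free-text fields such as "notes".
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
# Prefix that marks a value in the SaaS copy as a Personal ID reference.
TOKEN_PREFIX = "pid_"


def is_personal_data(field_name, value):
    """Step 1: decide whether a field holds personal data.
    Field name is the primary signal; the e-mail pattern catches PII typed into free text.
    A production classifier would be broader; this check is an assumption of the example."""
    if field_name in PII_FIELDS:
        return True
    return isinstance(value, str) and EMAIL_RE.search(value) is not None


class InCountryVault:
    """Stands in for the reference table persisted in the in-country database:
    Personal ID -> clear-text value. Encryption at rest is assumed to be a
    property of that database, not of this class."""

    def __init__(self):
        self._rows = {}

    def store(self, value):
        # Random token, not derived from the value: the SaaS copy learns nothing.
        token = TOKEN_PREFIX + secrets.token_urlsafe(16)
        self._rows[token] = value
        return token

    def lookup(self, token):
        return self._rows.get(token)

    def destroy(self, token):
        """Delete the clear text; the token remaining in the SaaS app is now irreversible."""
        return self._rows.pop(token, None) is not None


def pseudonymize_record(record, vault):
    """Step 2: replace every personal-data field with a Personal ID before the
    record is written to the SaaS application. Non-personal fields pass through."""
    out = {}
    for name, value in record.items():
        out[name] = vault.store(value) if is_personal_data(name, value) else value
    return out


def resolve_record(record, vault):
    """Inverse process for a read view: swap Personal IDs back to clear text.
    A token whose row was destroyed is shown as a placeholder, never as an error."""
    out = {}
    for name, value in record.items():
        if isinstance(value, str) and value.startswith(TOKEN_PREFIX):
            clear = vault.lookup(value)
            out[name] = clear if clear is not None else "[destroyed]"
        else:
            out[name] = value
    return out


if __name__ == "__main__":
    vault = InCountryVault()
    # Constructed sample contact entered in the SaaS application.
    contact = {"contact_id": "C-42", "full_name": "Ivan Petrov",
               "email": "ivan@example.com", "city": "Moscow"}
    saas_copy = pseudonymize_record(contact, vault)
    print("stored in SaaS:", saas_copy)
    print("rendered view: ", resolve_record(saas_copy, vault))
    vault.destroy(saas_copy["email"])
    print("after destroy: ", resolve_record(saas_copy, vault))
```

The point worth checking in any real deployment is the one the random token makes visible: the value held by the SaaS vendor must not be derivable from the clear text (a plain hash of an e-mail address would be), and deleting the local row must be the only operation needed to make the remote copy permanently anonymous.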


Author: Stefano Tempesta, CTO at Connecting Software, Microsoft Regional Director and MVP
