One example of an organization that plans on using such technology to get around data residency restrictions is the New Democratic Party (NDP) of Canada, which is a beta tester of the CipherCloud product. The NDP wanted to move its applications to Salesforce.com but was concerned about having its database of 24 million voters stored on Salesforce.com servers in the U.S.
"We really liked the Salesforce.com product, but we were highly reluctant to have our data stored in the U.S and being prone to the Patriot Act," said James Williamson, IT coordinator at the NDP. "Also, being a political party, our members our highly sensitive to storing their [personal data] in the U.S," he added.
Initially, the NDP considered the encryption services offered by Salesforce.com but decided not to pursue that avenue because the encryption keys would also be held by the provider. "If the Patriot Act was invoked, they would hand over the key, so there really was no protection," Williamson said.
At the recommendation of Saleforce.com, the NDP tried one other vendor that offered a similar encryption approach before trying out CipherCloud. So far, the experience has been positive, Williamson said. CipherCloud's technology has allowed NDP to encrypt and decrypt data on the fly, with no noticeable impact on performance, he said. The fact that key management functions are under the control of the NDP has lessened the risk of NDP's voter data being accessed in an unauthorized fashion, he said.
Sign up for Computerworld eNewsletters.