Data Residency: A Technical Perspective with Skyflow’s Manish Ahluwalia

In this episode, Manish Ahluwalia, the field CTO of Skyflow, discusses the technical aspects of data residency and the usage of a data privacy vault.

He explains the concept of data residency and data localization. He noted that with the increasing amount of data being generated and shared, it is becoming increasingly important for organizations to ensure that their data is being stored and processed in compliance with local laws and regulations. However, this is a technically challenging problem because data typically ends up all over the place and companies lose track of what and where they’re storing it.

Ahluwalia then discussed the role of a data privacy vault in addressing data residency concerns. He explained that a data privacy vault is a secure, centralized repository for sensitive data that can be used to enforce data residency requirements.

He also discussed how companies can use the data privacy vault to ensure that data is only accessed by authorized parties, and that the data is only used for specific purposes. He also explained that data privacy vaults can be used to track and audit data access, which can be useful for compliance and regulatory purposes.

Topics:

• What is data residency?
• When did data residency requirements first start and what was the motivation behind their introduction?
• Why is this hard for companies from a technical perspective?
• How are companies solving this problem today? What technical solutions/options do they have at their disposal?
• What are the key technical considerations when designing a data architecture that meets data localization requirements?
• How does a data privacy vault help simplify complying with a data residency requirement?
• How do you ensure that data stays within the specified geographic boundaries during transfers and storage?
• In the scenario where there’s multiple vaults, one for each country with a data residency law, how does something like computing global analytics work?
• If I’m using a data privacy vault to meet data residency requirements, how does sharing data with third parties work?
• In the vault world, tokens are stored within the downstream services. How does a company control access to who or what can detokenize that data to retrieve the original value?
• What are your thoughts on the future of data privacy? Are the technical challenges of protecting customer data going to get easier?

Resources:

• What is Data Residency & How Can a Data Privacy Vault Help?