Prohibition on storing personal data abroad. The new law banning the storage of personal data abroad - what does it promise us?

Today, many companies, not wanting to incur the costs of purchasing and maintaining physical servers, choose virtual platforms. By using the services of a hosting provider, you can create a high-quality Internet portal, while technical support is handled by the provider’s team. Modern Russian data centers use reliable data storage systems; high levels of uninterrupted operation are achieved through duplication of engineering infrastructure components and guaranteed backup. However, in some cases, clients resort to the services of foreign data centers. Why?


Foreign data center: pros and cons

As a rule, the IT infrastructure of foreign data centers means advanced latest-generation equipment, quality standards meeting the requirements of ISO 9001 and ISO 27001, a high level of security and data storage control, and an SLA (Service Level Agreement), either standard (99.5% availability) or individual (up to 99.995%). To ensure data security, they use the latest IT solutions, firewalls, and communication channel encryption technologies. The power supply of the data center is also implemented with a high level of reliability, up to TIER IV (everything is duplicated).

How else might a foreign data center be of interest to Russian customers? Companies providing hosting abroad usually have very flexible tariff plans. They strive to provide the client with a complete package of services for almost the same money as the basic option. What prompts clients to consider foreign hosting is the high quality of service, the greater experience of employees, and the high speed of response to problems. Any malfunction will be resolved as quickly as possible.




European data centers employ people who have been providing hosting services for many years, so they know how to prevent certain problems from occurring and how to fix problems as soon as possible.

For many domestic companies, an additional platform abroad also means business protection. Seizure of data center equipment, illegal blocking, long-term shutdowns - in Russia, all this has to be taken into account as risk factors when placing or leasing physical or virtual servers.


In addition, there is a growing need for companies to make online transactions more secure from government surveillance and cybercriminals. Therefore, those who need a server with data protection from unauthorized access and a guarantee of reliable operation often consider the option of renting a server abroad. Finally, the financial stability of European data center operators is another risk mitigation factor.


Experts give some useful tips on how to run an Internet business in the Russian Federation and avoid problems:

  • Register domains abroad - outside the .ru zone and with well-known registrars.
  • Register a company abroad. Create a parent and subsidiary company. The first will own the technology, and the second will license it. This will protect the main intellectual asset.
  • Use the services of several data centers. Even abroad, there is a possibility of blocking a server or data center by a court decision. Important data needs to be duplicated on equipment located not only in another data center, but also under a different jurisdiction.
  • Host databases abroad. Keep your accounting on foreign servers and work via VPN. You can instantly restore office functionality.
  • Document everything related to the installed software. Take care of the required level of protection for your servers and local network.
Renting a server abroad and the above tips are relevant for businesses in the Russian Federation that do not work with users’ personal data. Since September 1, 2015, amendments to Law No. 152-FZ “On Personal Data” have been in effect, according to which the storage and processing of personal data of Russian users is carried out only on the territory of Russia. Otherwise, company resources located in data centers of foreign providers may be blocked by Roskomnadzor. Only anonymized personal data can be stored in international data centers.



Foreign data centers also mean stability. It implies both a favorable political and economic situation abroad and uninterrupted operation of the data center. Clients of such hosting services can rest assured about the future of their web projects.


Meanwhile, thanks to encryption, data center employees may not have access to your data at all. Data abroad will be fully protected. The problem is the requirements of Russian legislation, according to which it is necessary to use encryption tools certified by the FSB and FSTEC. It is unlikely that it will be possible to convince a foreign data center provider to use Russian encryption tools, and certification of foreign encryption tools in Russia is too expensive: hosting will be unprofitable. And that's another problem. In addition to the restrictions imposed by Russian legislation, a user of foreign hosting may also encounter specific requirements of local regulators.


Finally, another drawback is certain inconvenience when paying for the services of foreign providers who use systems adopted in a particular country or international services, while Russian companies introduce payment methods that are as comfortable as possible for clients.
A reasonable compromise between domestic and foreign sites is the choice of a domestic hosting provider that has sites both in Russia and abroad. In Russia, a mixed model has already gained popularity, when part of corporate data is located in the Russian Federation, and part is transferred abroad. Russian hosting providers take into account the wishes of clients and offer customers this mixed type of data placement. Clients pursue different goals.


Reserve site

Often, a company’s IT strategy requires the presence of at least two data centers – a main one and a backup one. And this is no coincidence. After all, the loss of information or control over it, at best, guarantees large losses; at worst, it is a complete loss of business. Therefore, the deployment of a main and backup data center for a serious company today is strategically necessary and justified. It is clear that this is not cheap, but there is another solution - hosting.


Today's globalized society cannot exist without international data transfers, and therefore this institution deserves special attention. Head of the Registration Department of the Office for Personal Data Protection.

In the following sections we will look at the transfer of personal data abroad from different perspectives, not only from the point of view of the current legislation and the current jurisprudence of the European Court, but we will focus on the long-awaited general situation on the protection of personal data, finally await its publication in the Official Journal of the European Union.


A backup data center eliminates downtime and provides the ability to immediately restore server systems in the event of a failure or serious accident.

Using a hosting service provider's foreign site as a backup data center means minimizing both risks and costs. With this operating scheme, maximum safety and reliability is achieved. From the point of view of competently building uninterrupted operation of sites, this is the right decision.

According to statistics, Russian companies consider most projects using foreign data centers from the point of view of creating two separate sites and systems that minimize risks. Thus, the use of the services of the main and/or backup data center in Europe is not only protection from raiding and administrative pressure, but also diversification of risks and the creation of a highly reliable distributed IT infrastructure.

The rapid development of advanced technologies to process and transmit more and more data has brought about new problems and challenges. Personal data is transmitted across more and more virtual and geographical boundaries and is stored on servers in many countries. The significant increase in cross-border data flows has also contributed to economic and social integration driven by the functioning of the internal market. With today's high-speed internet and the ever faster switch to cloud services for storing data on remote servers, it no longer matters in which country the personal data is stored, but how it is protected from unauthorized access, and who may access it, under what conditions, and possibly further process it or transfer it to other entities.

Closer to the client

If the site's target audience is Russian-speaking users, then placing the resource on geographically distant servers can increase the site’s response time (although not always), and vice versa. In some cases, foreign data centers will be a good option for companies whose business is focused on the foreign market, in particular those operating in the European market.

A foreign platform can be used to host data in order to connect European customers to it. The cost of traffic will be significantly lower. In addition, servers based in foreign data centers show better response times for European users. Such data centers have direct access to European traffic exchange points. For example, for traders working on the foreign exchange market, the delay in receiving and sending data is critical, and when hosting on a foreign site, it will be much less than when working from Moscow or Samara. Latency also has to be taken into account when hosting game servers (lower latency means less lag in computer games) and when building content delivery networks (CDN). Companies with large international coverage are often forced to locate data centers close to customers.

Generally speaking, it must be said that this is not only an activity where personal data is transferred from one country to another, e.g. e-mail, but also any operation by which personal data is made available to another subject for further processing.

For example, the processing of personal data in multinational companies, where the personal data of employees of controlled entities may be housed in a database on a common server, with each national entity having access to such a database to view the personal data or possibly to process it further.

Moreover, due to the poor development of Russian networks and the peculiarities of their organization, traffic from the Moscow provider to the regions often goes through Europe. Connectivity with a European data center is often better than with a Moscow one. And in general, communication may turn out to be more reliable and of better quality.

Russian hosting companies are increasingly offering hosting abroad and at the same time can compete adequately with foreign hosters. In particular, the RuVDS company, a dynamically developing hosting provider specializing in the provision of enterprise-class IaaS services, whose partners include the largest financial institutions, a number of commercial banks and social projects, plans to expand the list of services by providing clients with foreign hosting, for which it has entered into an agreement with a European data center (Switzerland), where customer resources will be located.

Brief overview of current legislation

In the area of standard contractual clauses, cf. Self-regulatory instruments may be designated as binding corporate rules, codes of ethics and certification mechanisms, provided that they are an integral part of the recipient's obligation in the third country to apply appropriate safeguards, as well as various forms of approved contractual provisions. In general, self-regulatory means for data transfers to third countries essentially require the data controller to be directly responsible for ensuring the security of the data transferred and, if necessary, for further appropriate transfers of such data.

Conclusion of service agreements, financial, legal issues, technical support will be carried out by RuVDS: the client will not have to interact with the foreign provider himself or adapt to its regulatory environment and terminology. And at the same time, the cost of services will be quite competitive.

Like in a safe

Switzerland is now positioning itself as a global data repository. Now this is one of the safest jurisdictions for locating data centers. The key advantage for the development of this business in the country was the strict laws of Switzerland, as a tribute to banking traditions.



One of the advantages of hosting in Switzerland is that the state protects physical access to the client company’s data.

Today, Swiss data centers offer their services to any company looking for a stable storage location in Europe. In particular, since former US National Security Agency contractor Edward Snowden documented widespread government surveillance, data center owners in Switzerland have seen increased demand from the USA for secure data storage services.



Switzerland is classified as a country with a minimum level of risk when hosting data.

Switzerland has established itself as an island of stability, able to withstand financial and geopolitical shocks. This fundamental stability is a guarantee of the security of your web resource. The political and financial stability of this country in itself is a weighty, but not the only argument.

Switzerland is located in the center of Western Europe, in close proximity to leading European countries with strong economies and business activity, millions of potential clients of companies doing business in Europe. Thanks to a direct connection to leading providers, such a data center can significantly reduce response time to requests from Europe, Asia and America. This means fast response time for the end user, regardless of their geographic location.

The technological development of Switzerland, combined with the data center infrastructure, allows us to provide hosting services of the highest quality and ensure a high level of customer service. The equipment used meets the most stringent performance and safety standards. Innovative security measures and effective management will help avoid possible risks. Modern equipment protects client resources from powerful TCP/UDP DDoS attacks - up to 10 Gbit/s or 4 million packets per second.



Switzerland can be considered an ideal location for a data center.

Conclusion

Large and medium-sized businesses - legal, pharmaceutical, financial and investment companies, and retailers - are now actively interested in foreign data centers. Interest from media resources may also grow. An important advantage of Russian hosting providers offering their services on the basis of a foreign site is the availability of Russian-language technical support service, which is not always offered by foreign providers. The language barrier can be a significant obstacle. For Russian hosting providers, this problem is removed automatically. In addition, various communication channels are now being used for the convenience of customers.



Russian hosting providers well understand the problems and requirements of Russian clients, and this often helps to resolve issues that arise as soon as possible, using the most suitable tools for this.

Many of the situations typical for Russia are often difficult for foreigners not only to resolve, but also to understand their essence. It is easier for a Russian provider to find a way to help a client.

RuVDS services are focused primarily on the corporate segment: government agencies, banks, stock exchange players. RuVDS servers are located in our own state-of-the-art data center in Korolev, Moscow Region, and high speed and flexible tariff plans make web hosting very attractive to customers.

The Russian hosting provider RUVDS, with the support of Huawei, commissioned a containment zone of TIER IV reliability class in the Deltalis data center in Attinghausen, Switzerland. It is designed to provide clients with rental services for VPS/VDS virtual servers. Huawei acted as a supplier of the latest generation telecommunications equipment, as well as engineering solutions for organizing a virtual environment.

The implementation of the project in Switzerland allows us to ensure a high level of data security, both technological and legal, as well as optimization of access speed for European clients due to the convenient geographical location of the hermetic zone (a modular data center unit of the highest reliability class currently available). VPS services will be offered to both Russian and foreign clients of RUVDS. According to RUVDS Managing Director Artem Fedoseev, prices for the company’s VDS/VPS services in Switzerland will not differ from the current ones in the RUCLOUD data center in Moscow, which will allow clients to choose the most convenient location for their virtual server at one of the lowest prices on the market.

The company's long-term plans include creating a universal product, equally suitable for any purpose and at the same time affordable for all users. The site in Switzerland will allow us to offer a wider range of services to clients from a variety of industries.


Oh, how much has already been said about personal data! Internet entrepreneurs were especially excited about the localization story. And it is still not entirely clear how and to whom this 242 Federal Law applies. Therefore, my colleagues from B152 and I decided to look at everything using examples and offer data storage options suitable for completely different companies.
Let us recall that it came into force on September 1, 2015, although it was adopted in the summer of 2014. There is a lot of talk about it, but there is no judicial practice yet. Therefore, we will turn to the experience of foreign colleagues.

The essence of the law is that from now on legal entities that work with personal data of citizens of the Russian Federation are prohibited from collecting and storing this data abroad - they are obliged to localize databases on Russian territory. This law makes important changes to Federal Law No. 152 “On Personal Data,” which came into force back in 2007.

In terms of strict requirements for the localization of personal data, we are far from alone. In other countries, similar laws have been in effect for many years.

Vietnam
In 2013, in Vietnam, owners of several specific types of resources (news, social networks and online games) were required to localize copies of data. Why this was done is not difficult to guess. Of course, to provide them to the competent authorities and facilitate the consideration of user complaints. The Vietnamese authorities have not introduced a ban on parallel processing of personal data abroad.

China
The Chinese took a more severe approach to the issue of cross-border data transfer, although in relation to only one type of personal information. Two years ahead of the Vietnamese, the People's Bank of China published a Notice to Banking Institutions on the Protection of Personal Financial Information. This document prohibited credit institutions from storing, processing or analyzing abroad personal financial information received domestically.

India
Also in 2011, the Ministry of Communications and Information Technology of India approved the Rules on Procedures and Practices. Such a vague title of the document conceals very specific goals, namely, ensuring the security of special categories of personal data. The Rules define these special categories; the list includes passwords, financial information (including bank account or credit card information), health information, sexual orientation and biometric data.

For these categories of personal data, a requirement has been established that their transfer to any other company or to an individual, located in India or in another state, is possible only if the latter provides the appropriate level of protection. And all this is possible only within the framework of the fulfillment of an agreement concluded with the data subject, or in case of obtaining consent to the transfer from him.

Malaysia
The final depth of our immersion in history today will be 2010, when the Malaysian Personal Data Protection Law introduced a ban on the transfer of personal data outside the country. Cross-border transfer of personal data is possible only if certain conditions are met and in a number of exceptional cases. For example: consent of the PD subject, the need to execute an agreement between the subject and the operator, the need to execute a contract between the operator and a third party that was concluded at the request or in the interests of the PD subject.

However, such innovations concern not only Asian countries. A ban on the transfer of personal data abroad was introduced in Australia, although only in relation to health data.

But against the backdrop of Federal Law-242, all the above-mentioned laws and instructions are children's fairy tales. Our law is more severe and specific.
Most of the controversy arises around the fact that this law prohibits the storage of personal data of Russian citizens abroad, but parallel storage, at first glance, is impossible to track. Moreover, the law does not contain legal instruments that solve this problem.

The Ministry of Telecom and Mass Communications clarified the issue of cross-border transmission. According to their explanations, personal data of citizens originally entered into databases on the territory of Russia can be transferred abroad in accordance with the provision on cross-border data transfer. The department also confirmed the possibility of providing remote access to Russian databases from the territory of other states.

Let's move on to practice.

There are no court decisions yet; too little time has passed. For now, we can only say that the changes affected all companies operating in the Russian Federation. What should they do? How should they organize their work now?

First of all, there is no need to panic. Our colleagues from B-152 advise what to do next.

So, what to do if:

1. You are a foreign company that operates in the Russian Federation, including through a separate legal entity or branch.

Option 1. Transfer data abroad in anonymized form.

This means that personal data will be located on servers in Russia, but each individual will be assigned an ID, which is transferred abroad. In this way, personal data is separated from the subject and cannot be correlated with a specific person. Microsoft offers this approach for working with its services and Microsoft Azure.
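The split described in Option 1, sketched as an added example (not code from the original article or from Microsoft): a local vault keeps the identifying fields and issues a random ID, and only that ID plus allowlisted attributes go into the record sent abroad. The class, function and field names and the sample subject are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import sqlite3

# Attributes allowed to leave the local store. Assumed allowlist for this
# illustration; the article does not define one.
EXPORTABLE_FIELDS = {"plan", "country", "language"}


class LocalVault:
    """Primary store that stays on the local (in-country) server."""

    def __init__(self, index_key: bytes):
        self._index_key = index_key  # secret, never exported
        self._db = sqlite3.connect(":memory:")
        self._db.execute(
            "CREATE TABLE subjects ("
            " subject_id TEXT PRIMARY KEY,"
            " lookup_tag TEXT UNIQUE NOT NULL,"
            " name TEXT NOT NULL,"
            " email TEXT NOT NULL)"
        )

    def _lookup_tag(self, email: str) -> str:
        # Keyed tag used only inside the vault so that the same person
        # always maps to the same row. It is never sent abroad.
        normalized = email.strip().lower().encode("utf-8")
        return hmac.new(self._index_key, normalized, hashlib.sha256).hexdigest()

    def register(self, name: str, email: str) -> str:
        """Store the identifying fields locally and return the subject ID."""
        tag = self._lookup_tag(email)
        row = self._db.execute(
            "SELECT subject_id FROM subjects WHERE lookup_tag = ?", (tag,)
        ).fetchone()
        if row:
            return row[0]
        # The ID is random, not derived from the data: a plain hash of an
        # e-mail address can be reversed by hashing candidate addresses.
        subject_id = secrets.token_hex(16)
        self._db.execute(
            "INSERT INTO subjects VALUES (?, ?, ?, ?)",
            (subject_id, tag, name.strip(), email.strip()),
        )
        self._db.commit()
        return subject_id

    def resolve(self, subject_id: str):
        """Re-identification is possible only here, on the local side."""
        row = self._db.execute(
            "SELECT name, email FROM subjects WHERE subject_id = ?", (subject_id,)
        ).fetchone()
        return {"name": row[0], "email": row[1]} if row else None


def build_export_record(subject_id: str, attributes: dict) -> dict:
    """Build the record for the foreign system; refuse non-allowlisted fields."""
    blocked = set(attributes) - EXPORTABLE_FIELDS
    if blocked:
        raise ValueError(
            f"fields not allowed to leave the local store: {sorted(blocked)}"
        )
    return {"subject_id": subject_id, **attributes}


def demo():
    # Constructed sample subject, not real data.
    vault = LocalVault(index_key=secrets.token_bytes(32))
    sid = vault.register("Ivan Petrov", "ivan.petrov@example.com")
    same = vault.register("Ivan Petrov", " Ivan.Petrov@Example.com ")
    record = build_export_record(
        sid, {"plan": "vps-2", "country": "RU", "language": "ru"}
    )
    return vault, sid, same, record


if __name__ == "__main__":
    _, sid, same, record = demo()
    print("stable ID for the same person:", sid == same)
    print("record sent abroad:", record)
```

The exported record stays non-identifying only as long as the allowlisted attributes cannot be combined to single out a person, so the allowlist needs review whenever a field is added.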

Option 2. Cross-border data transfer with storage of the primary current database on the territory of Russia.

As we have already said, the law does not prohibit the processing of data abroad, but only if the database in the Russian Federation is the most complete and up-to-date. That is, if the collection and storage initially takes place in a database on the territory of Russia, then personal data can be transferred abroad and used there. At the moment, this is one of the most popular ways to localize personal data.
And the simplest option for its implementation is to use a buffer server in Russia. In this case, the data first goes to this server, and only then goes abroad. The position of the regulators allows this to be done, because the main requirement is met - the primary database is located in Russia.
Let us remind you that, from the point of view of the Ministry of Telecom and Mass Communications and Roskomnadzor, a database includes paper databases. For example, this could be a cabinet with employees' personnel files in the form of a card index, or a table in Excel.

2. You are a Russian company

The most obvious way is to transfer personal data databases, their processing, collection and storage to the territory of the Russian Federation, using Russian data centers.
However, options with cross-border transfer and anonymization are also suitable for you.

There is no separate liability for violation of localization standards. This means that Art. 13.11 of the Code of Administrative Offenses of the Russian Federation, which establishes sanctions for violation of the established procedure for the collection, storage, use or distribution of personal data, applies. The fine for this is quite small: for legal entities it is no more than 10 thousand rubles.

But this is not the only measure of influence. An alternative is the possibility of entering domain names and network addresses into the register of violators of the rights of personal data subjects. Which is perhaps more significant than a fine.

So, what needs to be done with the urgency of “yesterday” in order to understand which of the described actions to take:

  • Take an inventory of all your information systems/databases.
  • Determine the location of each of your existing information systems/databases.
  • Use the above methods to localize databases with personal data of citizens of the Russian Federation.

Sources:
1. Savelyev A.I. Legislation on data localization and its impact on the e-commerce market in Russia. // Law, 2014, No. 9.
2. Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. Indian Ministry of Communication and Information Technology.
3. Personal Data Protection Act, Law No. 709 of 2010, Official Gazette of Malaysia, June 10, 2010, P.U. (B)464.