At the time of writing, the Brazilian Legislature was debating new laws that might require companies doing business in Brazil – or simply with Brazilian people or entities – to store any personal data accruing from the transaction locally, within the country.
That debate has been fuelled by the revelations surrounding the US National Security Agency’s internet surveillance programmes and the power the NSA has assumed to demand data, at any time, from US companies.
At the same time, so-called “safe harbour” agreements between the European Union and the US are also being called into question for the same reason.
And closer to home, in the UK, many organisations are looking to ensure that their applications and data are kept locally, too, so that they can better control exactly where their data is kept and who has access to it – partly for peace of mind, but also because of growing regulatory concerns.
Coventry University recently decided to move its local data storage infrastructure outside its premises as its IT needs expanded, while keeping the core computing on-premise.
“When it was out of hours, we weren’t coping very well – it was a keep your fingers crossed scenario,” says Stephen Booth, head of central computing services at the university.
Something had to be done, but during the tender process, larger but more remote providers were quickly ruled out. “We consider ourselves to be an up-and-coming university of a certain size, and if we’d gone with somebody like Amazon, say, we’d have been a very small fish in a very big pond,” says Booth. “Matching the sizes of the companies was very important.”
It wasn’t just customer service that Booth was concerned about, but also “things like the UK’s Data Protection Act and the US Patriot Act, which meant that, first of all, if it was a provider within the UK it made it a heck of a lot simpler”.
“On top of that,” he adds, “we had two specific requirements for our provider: to be close-by for hands-on support, but also the other data centre [for backup] had to be far enough away from Coventry that if anything happened it was unlikely to be affected.”
Following a tender process, Coventry University contracted French computer services company Bull, which runs a significant chunk of its UK operations from Barnsley in Yorkshire. This provides a 20 millisecond data flow between the two locations.
Booth describes corresponding “aims and synergies” between the companies, and a contract that has made the university one of Bull’s top five customers in the UK.
“If we did pick up the phone, we’d get a good response,” says Booth. “We’ve also been able to benefit from specific SLA [service-level agreement] targets, so when we put in a call we get a call-out within four hours, 24 hours a day, 365 days a year.”
There are also some interesting bespoke additions to the contract: in the recent A-Level clearing period, for example, Bull provided Coventry University with an on-site engineer in case of any problems with its potentially overburdened systems.
“He actually just sat there doing his email for two days,” says Booth. “But had something gone wrong, he could immediately have stepped in.”
With so much hardware still inside the university’s buildings as it considers a more wide-ranging “journey to the cloud”, Booth maintains that he is “after service, and not just infrastructure so, for example, with the on-site storage we’ve got, Bull manage a lot of that”.
He continues: “We manage it from – almost – an operating system level. But the hardware and the infrastructure, maintenance and management is on-site in Coventry, and is also managed by Bull. So it’s not just that we use their data centre for data recovery and backup – they’re doing a managed service across the board.”