There are many reasons why locality restrictions need to be taken into consideration and it’s something CISOs and resiliency officers need to factor in. A balance needs to be met between taking advantage of the best features of the cloud while meeting your locality requirements. Google Cloud helps you meet your business objectives; whether your architecture is all-in on Google Cloud, a hybrid pattern which may be on-premises and Google Cloud, or on Google Cloud and an alternative cloud provider.
Before starting to design your architecture you need to consider the locality requirements you need to meet. These can at a high level be one or more of three scenarios:
- Data localization: Data needs to be stored and processed within a specified entity (for example the EU) or a specific country or designated countries.
- Data residency: Data is stored in a specified geographical location.
- Data sovereignty: Builds upon both data localization and residency, but to meet sovereignty requirements, you will be subject to regulations and laws of an entity such as the EU, regulated industry groups, or a specific country.
These scenarios are often conflated because they are related, yet they are distinct.
Designing your locality restricted architecture requires you to also design your disaster recovery (DR) architecture to meet your localization requirements. The approach to designing your DR architecture for locality restricted architectures is the same as designing DR architectures that do not have any DR locality restrictions, but with augmentation to address the locality requirements.
Start by reading the Google Cloud disaster recovery planning guide. Next, as you consider locality-restricted workloads, Google have two additional DR guides that focus on meeting locality restrictions:
- Architecting disaster recovery for locality-restricted workloads – Start here and focus first on the requirements discussed in the planning section of this guide. This also discusses the locality features of a subset of the Google Cloud portfolio which is useful to review when designing your overall architecture.
- Disaster recovery use cases: locality-restricted data analytics applications – This guide helps you understand what designing your DR architecture looks like in practice. It has two data analytic use cases which have locality restricted requirements. The guide talks through the locality considerations for both use cases.
Use the following flowchart to help you determine what you need to take into consideration when designing your DR architecture architecture:
If you end up considering custom solutions or partner offerings, then use the Google Cloud disaster recovery planning guide together with the locality restricted guides Architecting disaster recovery for locality-restricted workloads and
Disaster recovery use cases: locality-restricted data analytics applications to help you with designing your locality restricted DR architecture.