The dangers of Microsoft Azure for the Channel Islands – and how to overcome them

Posted: 09/01/2019

Is 100% reliance on Azure public cloud appropriate for the Channel Islands?

The rewards of moving to the cloud are widely understood. Accessibility, reduced costs, scalability, removal of maintenance burden – many businesses across the Channel Islands have taken full advantage of these benefits.

In particular, many have opted for Microsoft Azure as their provider – one of the largest, most reliable and most cost-efficient public cloud providers available.

However, in recent years, the conversation surrounding cloud technology has changed, making relying on public Azure alone potentially dangerous.

The first reason is data privacy. Microsoft Azure is of course a US-headquartered business, and the US Government has a number of legislative tools available to it that allow it to access data held in any datacentre owned by US-headquartered businesses, no matter where in the world those datacentres may be. These include the Patriot’s Act, but also the recently-passed CLOUD Act, the Electronic Communications Privacy Act, National Security Letters (NSLs), and the Foreign Intelligence Surveillance Act (FISA).

There are many entirely legitimate businesses who would simply prefer to avoid the possibility of their data being accessed by the US Government. The reticence may come from the nature of their services and the confidentiality they guarantee to their customers. Often, it stems from the sensitivity of the data they hold, such as customer records, geo-location data, health data or intellectual property. In other cases, it is simply because of firm ethical principles that resent the possibility of government access.

The second reason why total reliance on public Azure is not always a suitable option for the Channel Islands is that many businesses are keen to take advantage of the Channel Islands’ tax structures. The absence of Microsoft datacentres on the islands inevitably means that data is stored in the UK or further afield. However, as Barclays’ landmark dispute with the UK’s HMRC showed in 2006, where your data is stored, processed and accessed from can have implications on where you are deemed to be managed and controlled from, impacting your tax liabilities. If too much of your data-driven activities are found to be technically conducted off-island, this may undermine your standing as a Channel Islands business.

So what’s the solution? The tools, capabilities and scale of public Azure are market-leading, making writing Azure off as utterly unusable rather unpalatable. And migrating wholesale to an alternative platform would be a brave move to say the least. But equally, continuing to rely on public Azure may be uncomfortable.

How does a pro-Azure, privacy- or residency-conscious business find a suitable balance?

The secret is a hybrid Azure cloud environment. Use public Azure for compute resources, analytics and perhaps the storage of less sensitive data, while sensitive data, critical applications and intellectual property are earmarked for a more suitable environment – one whose location is pre-specified, reassuringly permanent and in an appropriate jurisdiction.

Microsoft Azure Stack is that more suitable environment. It is a natural extension of Azure and delivers the same agile and innovative services seen in public Azure, but from within defined, identifiable, jurisdiction-specific datacentres. Calligo is not only the sole cloud provider in the Channel Islands to offer Azure Stack, but also the owner of the largest third party network of Azure Stack deployments in the world.

Click here to download our guide to Microsoft Azure and Data Privacy, and how a hybrid Azure deployment could work for your business.

Share this