Palantir To Reshore All UK Data Processing From US

Palantir announced that the company plans to shift its entire UK data processing out of the United States. This move comes at a time when data privacy regulations are increasing and tightening across the globe and data sovereignty become a top compliance requirement.

According to Palantir, by the end of 2022, the company will provide UK clients such as the NHS, Cabinet Office, and Ministry of Defense with the option to move all data processing within the UK. While Palantir already hosts all UK customer data within the country, handling of metadata is currently done in the United States.?

The company said the shift will allow the UK to be "fully autonomous as regulations change and geopolitical threats around the world increase." The shift of data processing operations will not affect only clients based in the UK, but it will also enable customers in the European Union (EU), such as the German Police, to opt for localizing their data.?

A changing privacy landscape

The move comes as regulations on how personal data should be stored, handled, and processed are changing. The Schrems II ruling in the EU, for example, makes data sovereignty a key privacy and security requirement and affects all cross-border data transfers. The new Standard Contractual Clauses (SCCs) adopted by the European Commission impose more responsibilities and technical controls to govern the transfer of personal data between an EU member state and a third country. Other privacy regulations, such in China, India, and Brazil, also dictate the necessity of maintaining a local copy of all personal data processed by organizations.?

As a result of these privacy requirements, there is an increasing shift towards localizing data processing operations to comply with tougher regulatory requirements. Part of this trend is the adoption of cloud-neutral security solutions for data encryption and access control to ensure the lawful transfer and processing of personal data.

Bring your own security to protect your data

Based on the shared security model that governs cloud security, organizations are free to adopt industry best practices to sperate the protection of their data from other services offered by cloud service providers. Duty segmentation offers better security for your data and your organization.

Adopting a Bring-Your-Own-Security (BYOS) approach to data protection – to include encryption and authentication – brings several tangible benefits for all organizations.

• H3. The SolarWinds attack has taught us a key lesson – the use of different technologies, independent from the cloud provider, can eliminate considerable threat vectors and make the lives of adversaries hard. Considering that adversaries seek to exploit vulnerabilities to let them into networks and move laterally undetected, increasing the level of difficulty in doing so acts as a deterrent.
• Control your regulatory compliance. As more and more countries enact privacy regulations and laws, businesses are required to adopt solutions to provide the flexibility needed to operate under various jurisdictions. Segregating duties and opting for authentication and key management solutions that meet the specific operating and compliance requirements is the best practice for mitigating unlawful process of personal data.
• Control your own security. Deploying your own, neutral solution allows you to maintain a centralized, flexible control of your access security, keys, and data.
• Avoid the risks of vendor lock-in. Vendor lock-in presents risks from a commercial, regulatory and threat perspective, which may increase the overall risk environment. As businesses are looking to reduce their exposure to business risks and increase resilience, segregation of duties is the best practice for strengthening their security and privacy posture.

Thales is a world leader in providing vendor agnostic security solutions to help you protect your assets and data wherever they are – on-premises or in the cloud. Thales SafeNet Trusted Access lets you keep control of your access security and averts the risks of vendor lock-in.

To learn more how BYOS and Thales SafeNet Trusted Access can benefit your organization, download this whitepaper .