top | item 29342290

(no title)

kronin | 4 years ago

> I think there's another word missing: "data sovereignty". Depending on your business, your customers might need to keep user PII within their country.

That's assuming a single multi-tenant saas footprint.

There is absolutely nothing preventing you from standing up a footprint in each compliance region and customers are assigned to the region that satisfies their requirements for data location.

You get the benefit of less footprints to manage, while still meeting the requirements necessary to serve your customers.

And if you have a customer that absolutely must have isolated infrastructure, stand one up for them and pass along the increased cost associated.

discuss

zdragnar|4 years ago

It is worth emphasizing an aspect of your point when you mention "compliance regions"- this does not necessarily mean geographic regions or different countries.

This setup is how every company I have worked for that has had government clients handles them- a dedicated 'footprint' isolated from your commercial footprint, even if it remains on the same cloud provider. AWS even has GovCloud regions specifically for this scenario.