Data Location

Objective

Establish policies to restrict GC sensitive workloads to approved geographic locations.

Key Considerations

• [ ] As per the Direction on Electronic Data Residency (ITPIN 2017-02), "All sensitive electronic data under government control, that has been categorized as Protected B, Protected C or is Classified, will be stored in a GC-approved computing facility located within the geographic boundaries of Canada or within the premises of a GC department located abroad, such as a diplomatic or consular mission."

Validation

• [ ] Confirm policy and tagging for data location.

Applicable Service Models

• IaaS, PaaS, SaaS

References

1. SPIN 2017-01, subsection 6.2.3
2. ITPIN 2017-02