How do you assess the Data Residency requirements in an IoT—enabled solution?
Data Residency is a requirement in some jurisdictions, where certain laws and regulations mandate that certain types of data remain within the boundaries of the jurisdiction. This covers issues and practices related to the location of data and metadata, the movement of (meta) data across geographies and jurisdictions, and the protection of that (meta) data against unintended access and other location-related risks. Data Residency restrictions are common with financial data and health data, but may also apply to critical data (industrial secrets, IP, etc.)
The IIC Data Protection Best Practices whitepaper defines Data Protection as an umbrella term that covers several adjacent and overlapping domains, including data security, data integrity, data residency, and data privacy. The table below (p32) describes (high level) some for the best practices for Data Residency.