One of the most unifying aspects of the Internet is the fact that it has no bounds. Once published, information is available anytime and anywhere. Yet, while the Internet knows no borders or boundaries, the data it contains and the users who provide this data to service providers fall under a wide range of jurisdictions. Just because the data may be accessed or used in one country, it may be stored halfway across the world. What is acceptable data in one country, may be prohibited in another. As data breaches has unfortunately become part of our daily lives, there has been increased regulations around not only how personal and private data is managed, but also where it is transferred and stored. More and more, local and national and international laws are being worked out to define where and how data, and any sensitive information it may contain, can be handled in its jurisdiction. It is for this reason that service providers, website owners and developers must understand what the legal implications of how they handle their data.
At Lockr, data security is our sole mission. We provide a simple and secure way to store the keys and tokens that unlock sensitive data and services. Holding these keys to sensitive data and services for our client is a large responsibility, one we do not take lightly. We understand fully well the data we hold and its importance, which is why we have built in multiple security layers to the system. From encrypting the data before we store it to only allowing access to keys from servers in partnering hosting providers (or ones we issue private certificates to), to providing multiple redundancies and internal backups, we do all we can to protect our clients from the loss or exposure to their sensitive keys and tokens. However, all this data was stored and managed in data centers located entirely within the United States. Until now…
When we first announced Lockr last year at DrupalCon Barcelona, it was met with a warm reception from the community. We had a chance to talk to many developers and site owners who expressed that it was just what they were looking for in a defense in depth approach. Many though expressed their desire to have the data stored within the European Union (EU) and not in the United States. This request did not fall on deaf ears. It was a plan we had from the beginning, but wanted to make sure we took the steps to ensure we had the model for Lockr down in one region before expanding into another.
This is why I’m proud to announce that Lockr now has an entirely isolated service inside the EU. We believe that by providing this option, managing keys and tokens should not be a decision between data sovereignty and convenience. Now available in the modules and plugins we provide (as well as our generic connection library) is the chance to pick which region you want to reside in. Data stored inside these regions is entirely isolated and not shared amongst each other, providing the EU with a simple and secure key management service that complies with the laws that govern it. At Lockr we believe in data security, and as part of that we also take data sovereignty just as serious.
Welcome to the Lockr family EU!