These days, issues with public 'clouds' developed by US tech firms are widely discussed, from almost weekly Facebook data leaks to GDPR compliance issues with Microsoft and Google products. At Nextcloud, we recently blogged about how Sweden, the Netherlands and even the US privacy watchdogs all concluded that US clouds are not GPDR compliant. But what choice do EU government agencies have besides the products provided by US tech giants?
Europe taking back control over data
Many EU institutions and governments are coming to the conclusion that from a security and compliance perspective, parking data in some offshore cloud is not an option. The EDPS is even investigating the situation at the EU level!
The German Federal Government chose to deploy their own internal file sharing and collaboration solution based on Nextcloud and so has the French ministry of the Interior. Countless other government organizations in Europe, from cities like Geneva, Vienna, Hamburg and Tallinn to agencies like the IT service provider for the German state Thuringia, made the same choice already.
Nextcloud, a European company with employees in 10 EU countries, provides the most popular self-hosted alternative to Microsoft Office 365. We offer governments, hospitals, law agencies, banks, universities and other organizations a way to take back control over their data in the most simple and efficient way: keeping it on their own servers. Every one of these organizations already has its own IT staff and infrastructure, and rather than migrating everything to 'the cloud', our solution enables them to leverage their existing investments and keep data where it is, secure and compliant.
Avoiding public clouds
As has been shown countless times, public cloud infrastructures are no solution when dealing with privacy and security sensitive information from citizens. Those consumer-grade solutions like Dropbox, Google Apps or Office 365 were not designed with privacy regulations and security concerns in mind, mixing data from consumers and businesses, spread out in data centers across the globe.
Rather than trying to work around their limitations, Nextcloud provides a security-first solution which puts IT in complete control over the location and access policies of data with a hybrid or private cloud solution. We covered the main reasons for self-hosting on our website, with the main issues brought by public 'clouds':
- No control over data access
- No control over data locality
- A single points of failure
- No information when a hack takes place
- No control over changes that are made to the code and infrastructure
The solution
As of today, public cloud solutions are NOT compliant with the GDPR, but a solution that ticks all boxes exists. Nextcloud offers a full, web-based team productivity solution with file storage, document management, chat and video conferencing, word processing, spreadsheet, presentation, e-mail, calendar and contacts. All in a web browser or apps and clients, and with the ability to collaborate, share and co-edit with others.
Nextcloud offers all encryption and security measures needed to protect data and can be deployed quickly and efficiently due to its deep integration in existing infrastructure. The entire solution is open source and runs on-premises, in the fully certified data centers already managed by your organization. This avoids the need for new data center contracts, certifications and extensive reviews!
The EU leading?
A number of European governments have already opted for a self-hosted European cloud technology, but leadership can and should come from the top. The EU itself has shown itself to be, with the introduction of the GDPR and related regulation of the IT sector, a champion for EU business, privacy and security.
Building a cross-department, Europe-hosted private cloud for the employees of the various EU institutions would be a great way to lead. At the same time, providing policy recommendations and guidelines to the various governmental layers in the EU would be another way to take positive leadership on this topic. Prioritizing independence from foreign-owned and hosted technology would not only inject significant resources in the EU IT economy but also create leverage in negotiations for EU IT projects and lower IT costs across Europe massively.
There are Europe-based, self-hosted alternatives in many areas, and Nextcloud is just one of them. France is building a secure messaging platform on the UK based Matrix technology, the British Collabora, the German CIB and the Latvian ONLYOFFICE offer self-hosted, EU based office solutions and so on.
The solutions are there, the EU and in particular the Council just needs to see them. Lead!