Non US-Based XaaS

A number of our clients have legal responsibilities that are challenging for us in the age of SaaS, PaaS and other aaSes.

First… a bit of context…

The majority of these services are US-based and subject to the US Patriot Act. Our clients are in breach of their responsibilities when using a US-based service because of the Patriot Act. As such, we must ensure that data reside on Canadian soil or on soil that respects our clients' legal obligations. I imagine this issue is not limited to Canada.

Some US-based companies started to offer data residency in other countries. This is not necessarily satisfactory for some of our clients. The US government can compel US companies to provide data under its control or that of its subsidiaries, whether on US or non-US soil and regardless whether the data belongs to a US national or not.

This is a challenge for D-Cogit. We exchange freely with our clients about their confidential information through conversations, documents and solutions. We have not been able to find many suitable service providers that can guarantee the respect of Canadian law.

For example, we can not use Slack. It is both a US company and there is no option for Canadian residency of data. This would put us and our clients at risk if anyone communicated about patient information on Slack. We would need to ensure communications and document exchanges with our medical and para-medical clients contain no patient information. This would be a ticking time bomb – I believe it would only be a matter of time before someone slips up.

We started making a list of non US-based service providers. I would appreciate your knowledge in this field. It being 02:25 right now, I need to wait until mid-day to start this list – I am sure my team would not appreciate if I were to wake them right now.

Thanks in advance!

1 Like

Same challenge for European countries. The EU has launched an initiative in order to cope with the apparent lack of provides who fully comply with European data protection laws:
https://ec.europa.eu/digital-single-market/en
I guess that some of the projects will release open source products that could be deployed in non-EU countries, too.

Synology offers a host of cloud solutions for on-premise installation.

If it's hosted Filemaker services you're after then fmphost.com (highly recommended) have a Toronto based service for FMS19 hosted instances, albeit run on a US owned companies infrastructure (AWS)...
FileMaker 19 Database Hosting - FMPHost

We’re talking about the SaaS playground:
Example:
Dropbox
Mailchimp,
Survey Monkey
Goto meeting
Wave
Digital signature and contracts management
Project management
Tasks management
Collaborative tools eg slack
Etc

Some of the best options, especially for collaborative work, are cloud based. There’s no point using any of these tools if you cannot attach data to your appointments, projects, mailing lists, etc.
The issue isn’t finding one, it’s the difficulty, in the current offer, to find quality feature rich alternatives to integrate several services to cater client business needs while respecting the rule that data remains in Canada ( or whichever country the client is based in. )
Typically clients in the private practice of paramedical care cannot afford to custom develop every single app they need to bring it on premises.
What good is Claris Connect if there are no suitable (Canada bound data) service to integrate to one’s business solutions?

1 Like

two options from my perspective
first: find a hoster in your country that does hosting
second: do the hosting of application/group/auth server on a rented server

for the first option: in Germany I'd ask e.g. qutic who are based in Frankfurt and do inhouse hosting, FM hosting, Nextcloud hosting, server homing, they have expertise in those fields and maybe can help if the service I need is not yet in their portefolio

the second option is by far more complex to deal with. Get a hoster with server hosting based in your country, set up a Linux server of your prefered flavor, set up something like a Univention (https://www.univention.de) instance that already includes a certain level of infrastructure like domain management/administration and serves as a frontdoor to your own infrastructure. There you can host/integrate many apps and service like Next- or OwnCloud, Kopano, Jitsi... This can of course also be done inhouse and on premise.

I'm a bit biased regarding the Univention thing because I've been at their yearly summit at the beginning of 2020 when those events still took place. Two days with many really committed people showing so many opportunities and a really nice community ( and good catering :slight_smile: ) But one would either have to hire an expert or rent some service or get ones hands really dirty diving into this.

2 Likes

I believe Microsoft with their Azure offering is mindful of this with Canadian data centers. Ideal for a bunch of services, including servers for FMS.

1 Like

Australian and New Zealand have the same issue with regard to data privacy. There is a special dispensation for use of AWS. So, NZ can use AWS Sydney. The issue with AWS is that they reserve the right to move your stuff around as they need to. For example, where is the data in Glacier stored?

Microsoft announced that a new datacentre will be opening in Auckland, NZ. That's great news for NZ, as it puts the clouds a little bit closer.

1 Like

I think you will just get a Linux server hosted in NZ/AUS and then install the Linux version of FMS and be happy.

1 Like

@MonkeybreadSoftware, yes that's possible. But I want to play with all the toys too :cry:

Currently FM Cloud and Claris Connect is US hosted only.
I have not seen any note that this changed.