Data Location

Objective

Establish policies to restrict sensitive GC workloads to approved geographic locations.

Applicable Service Models

IaaS, PaaS, SaaS

Mandatory Requirements

Activity	Validation
<ul><li>According to subsection 4.4.3.14 of the Directive on Service and Digital: “Ensuring computing facilities located within the geographic boundaries of Canada or within the premises of a Government of Canada department located abroad, such as a diplomatic or consular mission, be identified and evaluated as a principal delivery option for all sensitive electronic information and data under government control that has been categorized as Protected B, Protected C or is Classified.”</li></ul>	<ul><li>Demonstrate that the service location is within Canada for all Protected B cloud services where configurable, in accordance with the applicable cloud usage profiles.</li></ul>

Activity

Validation

<ul><li>According to subsection 4.4.3.14 of the Directive on Service and Digital: “Ensuring computing facilities located within the geographic boundaries of Canada or within the premises of a Government of Canada department located abroad, such as a diplomatic or consular mission, be identified and evaluated as a principal delivery option for all sensitive electronic information and data under government control that has been categorized as Protected B, Protected C or is Classified.”</li></ul>

<ul><li>Demonstrate that the service location is within Canada for all Protected B cloud services where configurable, in accordance with the applicable cloud usage profiles.</li></ul>

Additional Considerations

None

References

Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice, SPIN 2017-01, subsection 6.2.3
Directive on Service and Digital, subsection 4.4.3.14

SA-9(5)

Page details

Date modified: