Data processing centers are already a crucial part of digital business, and transparency centers – although less widespread – are becoming part of that picture too. But the two can be confused or poorly understood. Enterprises wanting to make sure they’re protecting their security in the best way possible will want to get to the bottom of this.
Here, we’ll take an in-depth look at both, examining their different purposes and what your business should consider when using each as part of its security practice.
What data processing centers do
Data processing centers hold servers and computers that process your business’s information. Increasingly, data processing centers are separate from the data-owning business’s premises for safety, security and cost-effectiveness.
According to Market Prospects Insights, “Data center operations include installing and maintaining network resources, ensuring data center security, and monitoring systems responsible for power and cooling.”
Speaking of power and cooling, more businesses are now thinking about the environmental impact of data processing. Thankfully, data processing needn’t cost the earth.
You can seek out data processing centers powered by renewable electricity, either in a country where grid power comes mostly from renewable energy, like Norway, Brazil or New Zealand. Or, process your data with a company that powers their data center by buying electricity only from renewable sources.
Consumer expectations of transparency are growing. How can your business get it right?
Why data center location matters
Regulation can also impact where businesses choose to process their data. You’ll need to know how laws in the territory you and your customers are in could affect your data security.
A third factor influencing where you process your data may be company values. At Kaspersky, we use two data centers in Zürich, Switzerland to store all threat-related data from our product users in Europe, North and Latin America, the Middle East and several Asia-Pacific countries. We chose Switzerland because of its long history of neutrality, as part of our Global Transparency Initiative (GTI.)
What transparency centers do
Wondering what next-level trust between businesses looks like? You may soon have the opportunity to examine your software supply chain in a new level of detail.
In the last few years, some tech industry leaders like Huawei, Microsoft and Kaspersky have established ‘transparency centers.’ These give their partners the chance to see how their products work – down to the source code.
Outside the open-source software movement, software source code is usually a closely guarded trade secret. But increasingly, front-runners realize that finding ways to safely and securely let partners and clients inspect their code helps build the trusting relationships businesses need to thrive.
Communications giant Huawei established its first transparency center in Brussels in 2019. Huawei explains what they hope to achieve with their center: “Through the Cyber Security Transparency Centre, we plan to increase communication and collaboration with security professionals, governmental agencies, customers and other industry stakeholders, in order to develop a secure and trusted digital environment.”
Microsoft opened transparency centers in Brussels and Redmond, Washington in 2014 to 2015 as part of its Government Security Program (GSP.) Matt Thomlinson, Vice President of Microsoft Security highlighted how transparency centers can contribute to better economic outcomes for all: “Only by increasing confidence in digital solutions […] can Europe ensure that every citizen, business and government feels the benefits of the digital revolution.”
Kaspersky started creating transparency centers in 2017 and now has seven, in Zürich (Switzerland,) Madrid (Spain,) São Paulo (Brazil,) Woburn (USA,) Tokyo (Japan,) Singapore and Kuala Lumpur (Malaysia.) We welcome customers and partners, including authorities responsible for cybersecurity, from anywhere in the world to visit these centers.
How Kaspersky customers can use our transparency centers
We suggest clients visit a transparency center if they want to know more about our data security, privacy and management practices, encryption methods or supply chain risk management.
When customers visit our centers, we have experts on hand to give any technical information about our source code and technologies. We have three levels of access, like the beginner, intermediate and advanced slopes on a ski field – designed to allow a broader range of client visitors to get something out of the experience.
Regulators and enterprise clients could use our transparency centers to review software development documentation, review all versions of a build or check which information our solutions send to the cloud.
They could rebuild our source code to ensure it matches publicly available modules, and read what independent auditors – including a Big Four accounting firm – have said about us in recent security reports.
While few businesses have transparency centers today, others are adopting similar ideas. Showcase centers, for example, let customers try out the firm’s latest tech and in some cases, securely review code. UK-based telecommunications multinational BT established a showcase center for its financial services products, where their customers learn more about their products – especially security features.
Today, businesses must understand where and how their data is processed and ensure processing conforms with regulation and their organization’s values. Find out what opportunities you have to better understand what’s happening with your data. If you have an opportunity to visit a transparency center or other facility that lets you get up close and personal with the code of organizations in your supply chain, take up the offer – regardless of which ski slope you’re on.