Data Centre Regulations & UK Compliance Updates

Industry reacts as EU Data Act comes into force

The EU Data Act officially comes into effect today, ushering in a new regulatory framework that aims to give users greater rights over their data while imposing fresh obligations on businesses around access, sharing, and cloud portability. The legislation seeks to improve transparency, promote fair competition, and create a more open data economy across Europe. However, industry reactions remain mixed, with some hailing the Act as a positive step forward and others warning of challenges with its implementation. A call for resilience and flexibility Tim Pfaelzer, Senior Vice President and General Manager EMEA at Veeam, says the Act arrives at a critical moment for organisations already navigating complex hybrid environments: “Many organisations have embraced hybrid models for their flexibility, but often at the expense of data portability. "The Act highlights why flexibility must be embedded into operations from the ground up. Proactive action now will not only support compliance, but also become a competitive advantage as data sovereignty and portability grow increasingly central to digital operations.” An opportunity for trust and openness Juliet Bramwell, Vice President EMEA at Glean, emphasises the Act’s potential to rebalance the data economy: “By giving users greater access to their own data and removing barriers to switching providers, the Act shifts power back to businesses and consumers. "Data sovereignty and interoperability are no longer optional; companies that embrace these principles will be better placed to innovate responsibly and build long-term trust in AI and cloud ecosystems.” Concerns around ambiguity and burden Adam Blake, CEO of ThreatSpike, welcomes the Act’s intent, but voices concern over its clarity and impact on smaller firms: “The language on forced data sharing is far too ambiguous and could end up weakening security. "Larger enterprises may have the resources to adapt, but for SMEs, redesigning products and meeting compliance demands could become a serious bottleneck. "Five years after GDPR, many businesses are still failing to comply [and] I fear this law could face the same fate.” Balancing ambition with practicality With the EU Data Act now in force, businesses across Europe will need to assess their compliance strategies, data management policies, and technical architectures to align with the new requirements. While many see it as an opportunity to improve trust and flexibility, others warn of potential risks and burdens. How effectively the Act is enforced - and how businesses adapt - will determine whether it becomes a cornerstone of Europe’s digital transformation, or another layer of complex regulation.

4 in 5 CISOs say DeepSeek must be regulated

According to cybersecurity company Absolute Security’s UK Resilience Risk Index Report, four in five (81%) UK CISOs (Chief Information Security Officers) believe DeepSeek - a China-based AI chatbot raising global security concerns - must be urgently regulated by the UK Government before it sparks a full-scale national cyber crisis. In response to these growing risks, over a third (34%) have implemented full bans on AI due to cyber security concerns, while 30% of CISOs say they’ve already pulled the plug on AI tools within their organisation. The findings come from a recent survey commissioned by Absolute Security, which polled 250 UK CISOs at enterprise organisations via independent research agency Censuswide, to assess how businesses are coping with accelerating cyber challenges in an increasingly AI-powered world. DeepSeek, the rapidly rising AI platform, has raised significant cybersecurity concerns due to its potential to expose sensitive data and be misused by cybercriminals. These issues have led organisations and governments to reconsider their cybersecurity strategies. Businesses are already struggling to cope with the increasing complexity of cyber threats, as shown by the recent Harrods breach among others. However, as CISOs grapple with this evolving landscape, the added layer of AI-powered threats is prompting a re-evaluation of cyber defences. Three out of five (60%) UK CISOs now predict a rise in cyber attacks as a direct result of DeepSeek, with another 60% saying this AI technology is already complicating privacy and governance frameworks, making their jobs more difficult. These concerns reflect a clear shift in mindset, with 42% of CISOs now seeing AI as a bigger threat than a help to cybersecurity. The readiness gap is just as concerning, with nearly half (46%) of security leaders admitting their teams are not prepared to handle AI-driven threats, such as those posed by tools like DeepSeek. The rapid development of DeepSeek is outpacing their defences, according to survey findings, creating a growing risk that many believe can only be managed through government regulation. Andy Ward, SVP International of Absolute Security, comments, “Our research highlights the significant risks posed by emerging AI tools like DeepSeek, which are rapidly reshaping the cyber threat landscape. "As concerns grow over their potential to accelerate attacks and compromise sensitive data, organisations must act now to strengthen their cyber resilience and adapt security frameworks to keep pace with these AI-driven threats. That’s why four in five UK CISOs are urgently calling for government regulation. They’ve witnessed how quickly this technology is advancing and how easily it can outpace existing cybersecurity defences. "These are not hypothetical risks. The fact that organisations are already banning AI tools outright and rethinking their security strategies in response to the risks posed by LLMs like DeepSeek demonstrates the urgency of the situation. "Without a national regulatory framework - one that sets clear guidelines for how these tools are deployed, governed, and monitored - we risk widespread disruption across every sector of the UK economy. The time for debate is over. We need immediate action, policy, and oversight to ensure AI remains a force for progress, not a catalyst for crisis.” Despite the risks, investment in AI talent is accelerating. 84% of organisations are prioritising the hiring of AI specialists in 2025, and 80% have committed to AI training at the C-suite level, hoping that upskilling AI talent can outweigh any increasing threats. Most companies don’t intend to retreat from AI; they want to face it head-on. To use AI safely, CISOs say they need clear rules, stronger government oversight, a skilled AI workforce, and a national plan to deal with the specific risks of DeepSeek and similar tools.

Schneider Electric announces new training programme

Schneider Electric has announced the launch of its Schneider Electric Training programme in the UK and Ireland (UK&I). Schneider Electric’s vision in the UK&I is to create a best-in-class approach to training, unifying specialist academies, courses, and digital campuses into a holistic offering named Schneider Electric Training. The move is in response to the chronic skills gap in engineering and the vital role that training plays in addressing the growing complexities associated with digital transformation. The extensive programme covers everything from AI, the automation of machinery and equipment, to innovations in power and energy management, and safety standards and regulations. Schneider Electric Training will provide customers, partners, and engineers with a single point of access to the vast array of training options and resources available, covering Schneider Electric solutions, industry focused courses, and professional accreditations. It will be delivered via several specialist academies for in-person courses and a digital campus offering on-demand courses for Continuing Professional Development (CPD) via the mySchneider portal. Two academies are already up and running, with three more due to be launched by the end of the year. The Safety Academy in Telford offers a range of Schneider Electric and professional training courses to ensure the safe operation of electrical equipment and site safety, including Competent Person certification and City & Guilds assured Authorised Person training. The Automation Academy in Coventry offers a comprehensive curriculum covering Schneider Electric’s automation portfolio. It is designed to take students from basic product understanding through to advanced programming of both legacy and current technology, including Programmable Logic Controllers (PLC), Variable Speed Drives (VSD), Human Machine Interfaces (HMI), Motion Control and Robotics. David Pownall, VP Services at Schneider Electric UK and Ireland, comments, “Organisations are becoming more dependent on their electrical backbone to support operations, digital transformation, automation, and manufacturing. Electrical engineers and their specialist expertise are critical to the installation, safety, and maintenance of this electrical infrastructure. “There is an urgent need to build skills to embrace new technologies, drive modernisation, improve performance, reduce downtime, and comply with changing safety regulations. Not only that, but training is critical to career enhancement and a key foundation of a positive employee experience, attracting and retaining people when we’re facing a significant skills gap crisis. “Smarter engineers, equipped with the skills needed today and a clear development path to build expertise for the future, make for smarter businesses.” For more from Schneider Electric, click here.

How data centres can prepare for 2024 CSRD reporting

by Jad Jebara, CEO of Hyperview. The CEO of Britain's National Grid, John Pettigrew, recently highlighted the grim reality that data centre power consumption is on track to grow 500% over the next decade. The time to take collective action around implementing innovative and sustainable date centre initiatives is now - and the new initiatives such as the Corporate Sustainability Reporting Directive (CSRD) is the perfect North Star to guide the future of data centre reporting. This new EU regulation will impact around 50,000 organisations, including over 10,000 non-EU entities with a significant presence in the region. The Corporate Sustainability Reporting Directive (CSRD) requires businesses to report their sustainability efforts in more detail, starting this year. If your organisation is affected, you’ll need reliable, innovative data collection and analysis systems to meet the strict reporting requirements. CSRD replaces older EU directives and provides more detailed and consistent data on corporate sustainability efforts. It will require thousands of companies that do business in the EU to file detailed reports on the environmental impact and climate-related risks of their operations. Numerous metrics being assessed are still widely analysed within additional EU-wide initiatives. For instance, the Energy Efficiency Directive (EED) requires reporting on two Information & Communication Technologies (ICT) within the CSRD Directive – ITEEsy and ITEUsy – allowing for enhanced measuring and insight into server utilisation, efficiency, and CO2 impact. Given the anticipated explosion in energy consumption by data centres over the next decade, CSRD will shine a spotlight on the sustainability of these facilities. For example, the law will require organisations to provide accurate data for both greenhouse gases and Scope 1, 2 and 3 emissions. The essential metrics that data centres will need to report on include:   Power usage effectiveness (PUE) – measures the efficiency of a data centre’s energy consumption   Renewable energy factor (REF) – quantifies the proportion of renewable energy sources used to power data centres   IT equipment energy efficiency for servers (ITEEsv) – evaluates server efficiency, focusing on reducing energy consumption per unit of computing power   IT equipment utilisation for servers (ITEUsv) – measures the utilisation rate of IT equipment   Energy reuse factor (ERF) – measures how much waste energy from data centre operations is reused or recycled     Cooling efficiency ratio (CER) – evaluates the efficiency of data centre cooling systems    Carbon usage effectiveness (CUE) – quantifies the carbon emissions generated per unit of IT workload   Water usage effectiveness (WUE) – measures the efficiency of water consumption in data centre cooling   While power capacity effectiveness (PCE) isn’t a mandatory requirement yet, it is a measure that data centres should track and report on as it reveals the total power capacity consumed over the total power capacity built. If not already, now is the time to ensure you have processes and systems in place to capture, verify, and extract this information from your data centres. We also recommend conducting a comprehensive data gap analysis to ensure that all relevant data will be collected. It’s important to understand where your value chain will fall within the scope of CSRD reporting and how that data can be utilised in reporting that’s compliant with ESRS requirements. For example, reports should be machine-readable, digitally tagged and separated into four sections – General, Environmental, Social and Governance. While the immediate impact of CSRD will be in reporting practices, the hope is that, over time, the new legislation will drive change in how businesses operate. The goal is that CSRD will incentivise organisations such as data centre operators to adopt sustainable practices and technologies, such as renewable energy sources and circular economy models. Improving sustainability of data centres    Correctly selecting and leveraging Data Centre Infrastructure Management (DCIM) that offers precise and comprehensive reports on energy usage is a paramount step in understanding and driving better sustainability in data centre operations. From modelling and predictive analytics to benchmarking energy performance - data centres that utilise innovative, comprehensive DCIM toolkits are perfectly primed to maintain a competitive operational advantage while prioritising a greener data centre future. DCIM modelling and predictive analytics tools can empower data centre managers to forecast future energy needs more accurately, in turn helping data centres to optimise operations for maximum efficiency. Modelling and predictive analytics also enables proactive planning, ensuring that energy consumption aligns with actual requirements - preventing unnecessary resource allocation and further supporting sustainability objectives.  Real-time visibility of energy usage gives data centre operators insight into usage patterns and instances of energy waste, allowing changes to be made immediately. Ultimately, eliminating efficiencies faster means less emissions and less energy waste. In addition to enhancing operational efficiency, leveraging these real-time insights aligns seamlessly with emission reduction goals – supporting a more sustainable and conscious data centre ecosystem. Utilising the right DCIM tools can also reduce energy consumption by driving higher efficiency in crucial areas such as cooling, power provisioning and asset utilisation. They can ensure critical components operate at optimal temperatures, reducing the risk of overheating and preventing energy wastage. In addition to mitigating overheating and subsequent critical failures, utilising optimal temperature tools can also improve the lifespan and performance of the equipment. The right DCIM tool kit enables businesses to benchmark energy performance across multiple data centres and prioritise energy efficiency – while also verifying the compliance of data centres with key environmental standards and regulations like CSRD. Cutting-edge DCIM platforms also enables data centres to correctly assess their environmental impact by tracking metrics such as power usage effectiveness (PUE), carbon usage effectiveness (CUE) or water usage effectiveness (WUE). These tools facilitate the integration of renewable energy sources - such as solar panels or wind turbines - into the power supply and distribution of green data centres. As sustainability continues to move up the corporate agenda, expect to see greater integration of DCIM with AI and ML to collect and analyse vast quantities of data, such as sensors, devices, applications and users. In addition to enhancing the ease of data collection, this streamlined approach aligns seamlessly with CSRD emission reduction goals - making compliance with CSRD and similar regulations much easier for data centres. Taking a proactive approach to the data gathering requirements of CSRD and implementing technologies to support better sustainability practice isn’t just about compliance or reporting; it’s also to incentivise data centre operators towards the adoption of sustainable practices and technologies. Ultimately, data centres that are prepared for CSRD will also be delivering greater value for their organisation while paving the way for a more sustainable future.

Global Cyber Summit highlights Ukrainian experience amid geopolitical tensions

Nineteen Group, organiser of International Cyber Expo, has announced its programme for the annual Global Cyber Summit, sponsored by Sonatype, Opentext and Infoblox, and hosted at Olympia London on 26 and 27 September 2023. The summit returns with greater international appeal. Among other topics of discussion, guest speakers will provide the Ukrainian perspective on cyber security, in light of recent geopolitical events. With opening remarks by Professor Ciaran Martin CB, Chair of International Cyber Expo’s Advisory Council, the Global Cyber Summit assembles the industry’s great minds to review ongoing cyber threats, priorities and challenges. Uniquely, the programme this year invites advisors closely associated with Ukrainian government agencies to present their invaluable insight into the reality and impact of Russian cyber attacks on the country and beyond. Special guest speakers include, Oksana Kharchenko, a member of YouControl, who will delve into the challenges of managing sanctions risk in the current geopolitical setting; and Andrew Hural, Director, MDR of UnderDefense, who will reflect on the last 500 days of Russian cyber operations, determining the successes and failures of their espionage. Here are a few agenda highlights: Nicola Whiting MBE, co-owner of Titania Group, will reveal why diversity and inclusion efforts might be stalling and provide a new framework. Theresa Deumchen, Tech Policy Associate at Global Counsel, will examine the regulatory landscape concerning generative AI. Alexsander Gorkowienko, SecurityLabs’ Senior Managing Consultant at Spirent Communications, will explain how EU security regulations, such as the NIS 2 Directive, might affect businesses across the region. Jake Moore, Global Cyber Security Advisor at ESET, will shed light on his attempt to manipulate recruitment staff, land a job inside a company and gain full access to their data. Stewart Bertram, Head of Cyber Threat Intelligence at Elemendar, will utilise a mix of case studies and theories to expose the crossover between misinformation and cyber threat operations. Rashik Parmar, Group CEO of BCS, The Chartered Institute for IT, and Dr Saritha Arunkumar, IBM Public Cloud Worldwide Technical Leader - Security, will sit together on a panel to address the question: What does the rise of AI and quantum computing mean for the future of cyber security? Charlotte Hooper, Helpline Manager at The Cyber Helpline, will highlight the impact of cybercrime on individuals and what can be done to support them. Attendees can also take advantage of scheduled talks at the collocated International Security Expo. In fact, Joel Aleburu at Microsoft, will be speaking here about the role of cyber espionage in terrorist activities on the first day of the event, while Joe Wrieden, Intelligence Analyst at Cyjax, will assess the key role of Advanced Persistent Threats(APTs) in serious and organised crime on the second day. All sessions are CPD Certified. To register for free as a visitor: https://ice-2023.reg.buzz/dcnnAs press: https://www.internationalcyberexpo.com/press-pass-registration Click here for latest data centre news.

Are nuclear powered data centres on the horizon?

By Ed Ansett, Founder and Chairman, i3 Solutions Group Small Modular Reactor maker seeks large data centre partner? Across the globe, activity in the Small Modular Reactor (SMR) space is gathering pace. Governments, regulators, atomic agencies and authorities, global power manufacturers, research bodies and new market entrants are busy. For the data centre industry, the question is whether SMRs are applicable to the sector, could they change how data centres are powered? A look at the output ranges and the different models under development, and the different nuclear technologies being proposed as suitable for the sector will tell us more. The first thing to consider about an SMR is its power output. The International Atomic Energy Agency (IAEA) defines 'small' as under 300MWe, and up to about 700MWe as 'medium.' So, a large data centre deployment is at the small end of the SMR market. There are also developments in the micro modular reactor category. However, most of the recent activity in terms of regulations, licenses and investments has been in the SMR category. SMRs under development and being built tell a story Rolls Royce says its SMR will generate 470MWe. A single Rolls-Royce SMR power station will occupy a space the size of two football pitches and power approximately one million homes, supporting on-grid electricity and a range of off-grid clean energy solutions. In January 2023, GE Hitachi announced a contract for its BWRX-300 - a 300MWe water-cooled SMR. According to the company, this is the first commercial contract for a grid-scale SMR in north America. A Danish outfit called Seaborg is planning floating SMRs using barges that can accommodate four 200MWe reactors. It plans to use existing shipyards in which to create a production line for the barges. In the UK, the Office of Nuclear Regulation is assessing submissions from several firms for the licensing of their technologies. These include US-based Holtec, which submitted its 160MWe pressurised water reactor SMR-160 design developed in collaboration with Mitsubishi Electric of Japan and Hyundai Engineering and Construction of South Korea. X-Energy, a nuclear reactor and fuel design engineering company, wants to deploy its high-temperature gas reactor in the UK, saying it wants to tackle industrial decarbonisation as well as electricity generation. 'The Xe-100 can deliver reliable ‘always-on’ electricity,' it says, 'as well as increase or decrease power levels safely within minutes to respond to varying demand or supply.' UK Atomics is a subsidiary of Danish start-up Copenhagen Atomics, which is developing a containerised thorium molten salt reactor. It says its technology is 'progressing swiftly with the first non-radioactive full-size reactor prototype to be tested in the UK in 2023.' The company expects deployment by 2028. For future large data centre developments, anyone seeking a clean, reliable, low-carbon producing power generation supply, these systems could be applicable. Current options to fuel SMRs The World Nuclear Association (WNA) says there are four main SMR technology options being pursued; 'light water reactors, fast neutron reactors, graphite-moderated high-temperature reactors and various kinds of molten salt reactors (MSRs).' WNA says that, ‘Light Water Reactors are moderated and cooled by ordinary water and have the lowest technological risk, being similar to most operating power and naval reactors today.’’ Fast neutron reactors (FNR) are smaller and simpler than light water types, they have better fuel performance and can have a longer refuelling interval (up to 20 years), but a new safety case needs to be made for them.' 'High-temperature gas-cooled reactors use graphite as a moderator (unless fast neutron type) and either helium, carbon dioxide or nitrogen as primary coolant.' 'Molten salt reactors mostly use molten fluoride salts as primary coolant, at low pressure. Lithium-beryllium fluoride and lithium fluoride salts remain liquid without pressurization up to 1400°C, in marked contrast to a PWR which operates at about 315°C under 150 atmospheres pressure. Fast-spectrum MSRs use chloride salt coolant. In most designs, the fuel is dissolved in the primary coolant, but in some, the fuel is a pebble bed.' WNA also states many small reactors are being designed for industrial heat applications as well as power generation. Light water reactors are constrained by pressure limitations and operate in the 300-400°C range. Liquid metal fast reactors are in the 400-600°C range, molten salt reactors are around 600-700°C, and high-temperature reactors are 600-900°C. Possible use cases for SMRs 2022 and 2023 saw a number of large data centre development projects in the 200MWe range, many of them in South East Asia. Last year, Yondr Group said it would develop a 200MWe hyperscale campus in Malaysia. The company announced a plan to develop 72.8 acres of land in Johor’s Sedenak Tech Park. T5 Data Centres announced the planned development of a 140-acre, 200MWe government and enterprise cloud data centre campus in Augusta, Georgia, which it described as the South East US cyber security hub. In South Korea, energy and construction firm Bosung Group said it is to build a 200Mwe data centre campus in SolaSeaDo, in Jeonnam Province. The company has partnered with The Green Korea (TGK), a joint venture between South Korean energy investment firm Energy Innovation Partners (EIP) and Diode Ventures. None of these developments has made any announcement on the potential use of nuclear power as a primary power source. Today, the timeframes for SMR production and licensing stretch to 2028 and beyond, so it could be that none of the currently publicised projects can wait that long. However, things could change quickly.

Is your business compliant with data sovereignty requirements?

By Florian Malecki, Executive Vice President Marketing, Arcserve Data sovereignty regulations, like the Data Governance Act in Europe, can be challenging for companies. One of the main difficulties is keeping track of where data is stored, and ensuring that the storage adheres to local data-privacy regulations. Data sovereignty refers to the jurisdiction and control of data and how it is stored, used, and protected. It is a significant concern for businesses, as data is increasingly a main driver of decision-making and business growth. However, the growing digitisation of operations and the proliferation of cloud computing have created new challenges for businesses. Data sovereignty means that data handling must follow the rules of the country where the data is collected. So, suppose a business based in the US collects customer data from France. In that case, it must comply with the European Union’s GDPR and any other local laws in handling the data. These regulations can create problems for businesses that operate globally, as they may have to maintain multiple data centres in different countries to comply with the laws and regulations of those countries. It can be costly and logistically complicated, and it may also create vulnerabilities in data security. It also means that the country or jurisdiction where a business is based may not necessarily have sovereignty over all the data it holds. Companies also need to know and prove who has access to their data. For instance, many organisations are now putting their most sensitive information in the cloud, including trade secrets and valuable customer data. If hackers get access to this kind of information, it can risk the company's future. By keeping track of who is accessing their data, companies have a better shot at preventing unauthorised users from getting in. Data sovereignty has implications for data backup The consequences can be severe when companies run afoul of data sovereignty regulations. One consequence of not complying is the risk of fines and legal penalties. Many countries have strict laws to protect their citizens’ data, and businesses that fail to comply with these laws may be subject to hefty fines and stiff legal penalties. Businesses that don’t comply with data sovereignty regulations may also face other challenges, such as being unable to recover their data or access their backups in the event of a cyber breach or natural disaster. This situation can have severe consequences for the company, as it may be unable to operate effectively without this data. To avoid problems, choose the right cloud provider Companies can ensure they meet data sovereignty regulations by selecting a cloud service provider that complies with all relevant laws and regulations. Many cloud service providers offer data centres in different locations worldwide and can help companies ensure that their data is stored and processed in compliance with local laws. Along these lines, the European Commission has advocated for the inclusion of sovereignty provisions for cloud service providers. These sovereignty requirements are intended to put EU data out of the reach of foreign jurisdictions. Companies must do their due diligence and choose a reputable cloud service provider with a solid track record of staying on the right side of regulations. Another way that companies can ensure compliance is by implementing strong data governance policies and procedures themselves. This includes establishing clear rules and guidelines for collecting, storing, and using data and implementing robust security measures to protect against data breaches and unauthorised access. Companies should also consider implementing data masking or encryption techniques to protect sensitive data and ensure compliance with data sovereignty regulations. Additionally, with data becoming an increasingly valuable asset, companies must start thinking about more than just compliance - they must consider how they can protect their data as laws evolve and new regulations emerge. This means adopting processes and tools that go beyond the bare-minimum requirements and truly prioritising data protection. Companies can also ensure compliance with data sovereignty regulations by being transparent and open about their data practices. These practices include being upfront about where data is stored and how it is used and being responsive to any requests or inquiries from customers and clients regarding their personal data. By being transparent and open about their data practices, companies can build trust with their customers and demonstrate their commitment to compliance with data sovereignty regulations. Make 3-2-1-1 a top priority Finally, a solid data backup and recovery strategy is essential for any business because it helps to protect against data loss and ensures that critical information is available when needed. Specifically, a 3-2-1-1 data-protection strategy can help companies comply with data sovereignty requirements by providing multiple copies of essential data stored in different locations. The strategy involves keeping three copies of data, with two stored on-premises in different physical locations and two copies stored offsite, such as in the cloud. The final one in this strategy stands for immutable object storage. It involves continuously taking snapshots of your data every 90 seconds, ensuring that you can quickly recover the data even in the event of data loss due to natural disasters, cyber attacks, or other incidents. As nations race to establish sovereign data regulations and policies, the issue of data security and ownership is rapidly moving to the forefront. It is becoming increasingly important for organisations to understand where their data is stored and who holds the keys to that data, particularly cloud computing. The ongoing digital transformation amplifies the importance of these issues. Organisations must prioritise data security to safeguard their reputation and brand and bolster customer trust.

Ground Labs introduces Enterprise Recon 2.8

Ground Labs has announced the general availability of Enterprise Recon 2.8, the latest version of its award-winning flagship solution. This release enhances support for additional high scale, high volume environments on more Microsoft platforms, including Teams and OneNote, and Salesforce Government Cloud. The latest features extend the number of platforms Enterprise Recon supports for sensitive data scanning of any file type stored on endpoints, servers and cloud environments. As global regulations proliferate and become increasingly stringent, Ground Labs enables enterprises to meet these requirements and avoid heavy financial penalties for noncompliance. Powered by GLASS Technology, Enterprise Recon allows customers to define their own custom data types while maintaining their systems’ performance. “Every day, we hear about another breach, and studies show that companies are often not even aware of a breach until months after it happened,” says Brett Gribble, Head of Product at Ground Labs. “To provide a complete security and data management solution to our customers, we know data discovery must be built into the security strategy. Enterprise Recon supports the industry’s widest number and range of data types to give enterprises maximum visibility and control of their most valuable data assets.” Other key features and benefits of Enterprise Recon 2.8 include the following: ● New global data types: the ability to scan and remediate locations that store unsecured Singapore telephone numbers and next-generation US passport numbers, supporting compliance with the PDPA, CCPA and other related data privacy regulations. ● Data classification: support for the newest Microsoft Information Protection SDK version allows developers to classify and label sensitive content identified in local storage and Windows share locations. ● Reducing false positives: other enhancements to existing capabilities supporting compressed files, Oracle databases and features to further reduce false positives in larger environments have also been added. Enterprise Recon enables organisations to quickly discover, manage and remediate critical categories of data to meet privacy and compliance obligations. Enterprise Recon helps organisations comply with a wide range of international data protection regulations including GDPR, PCI DSS, CCPA, CPRA, HIPAA, PDPA, PIPEDA and CDPA.

Macquarie certified for cloud and data centre services

Macquarie Telecom Group has announced that its cloud services have been ‘Certified Strategic’ by the Digital Transformation Agency (DTA) under its Hosting Certification Framework. The certification makes Macquarie the first company to have all its data centres and cloud services Certified Strategic, a key feature of the DTA’s Whole-of-Government Hosting Certification Framework. It follows the certification of Macquarie’s Data Centre portfolio last year, which includes facilities in Canberra and Sydney. The certification comes as the Australian government increases its focus on data security via policy initiatives, including the National Data Security Action Plan, the REDSPICE project, the Hardening Government IT Initiative, the Privacy Legislation Amendment, and wider plans to reform the nation’s cyber security and privacy regulations. Aidan Tudehope, Managing Director at the Macquarie Government, says stringent certification processes like the DTA’s Hosting Certification Framework help take the guesswork out of Government agencies safeguarding data. Aidan says, “As cyber attacks continue to grow in frequency and sophistication, Australia’s cyber security industry is scaling up to meet the challenge of protecting us. “The DTA is simplifying and de-risking the decision-making process on cloud, data storage and data hosting by providing agencies clear guidelines on the security credentials, capabilities, and the ownership and controls present among cloud and data centre providers. It’s a vital mechanism to bolster our nation’s cyber security posture.” Macquarie has observed a sharp rise in attempted government cyber attacks in recent months. Providing cyber security services to over 40% of the Federal Government, Macquarie protects a threat surface of over seven billion digital interactions every day. “The value of data and the attack surface area have both increased sharply, incentivising the rise in activity we’re seeing,” adds Aidan. “We’re incredibly proud to have over 200 security-cleared staff who can work with sensitive government data. This puts us on the frontline of protecting Australian government customers from unique threat patterns which are designed specifically to target them.” The DTA Certified Strategic designation follows Macquarie recently becoming a member of the VMware Sovereign Cloud initiative, which helps customers identify and engage with trusted national and regional cloud service providers to meet their unique sovereign cloud requirements. “Looking forward, as Australia continually assesses its cyber posture, data sovereignty - the jurisdictional control or legal authority that can be asserted over data due to its physical location - must remain a top priority,” says Aidan. “To secure Australian data, we need to know where it is, who can access it, and who holds authority over it, plain and simple.”

Data centres urged to adopt renewables to avoid disruption

Following industry insight that data centres must adopt renewable energy sources to avoid the disruption of impending sustainability regulations, a sector expert is calling attention to the potential for greener fuels in decarbonising data centre backup power. The Uptime Institute’s recent report - Renewable Energy for Data Centres - highlights how wider industry developments mean data centre operators must start investing in renewable energy products. Yet at present, the vast majority of European data centres house diesel gensets on site for their backup power. The report also indicates that, while emissions reporting is currently voluntary, the introduction of mandatory international reporting standards is being discussed. In preparation for this change, Aggreko is warning data centre operators to consider updating their operations with sustainable fuels. Billy Durie, Global Sector Head for Data Centres at Aggreko, says, “The European data centre market has made significant strides in recent years in its efforts to adopt greener practices. Developments such as free cooling systems are allowing facilities to curb their carbon emissions even while the sector continues to enjoy growth. “However, with the potential for mandatory emissions reporting on the horizon, compliance may force organisations into a major upheaval of their operations. In light of this, data centres should consider pre-emptively adopting renewable energy sources to avoid disruption and supply chain bottlenecks." Hydrogen fuel cells and battery storage technology have been touted as sources of emission-free backup power. Yet with the rollout of these technologies still underway, operators are being advised to look for immediate steps to improve facility sustainability. With this in mind, Billy is highlighting the potential of hydrotreated vegetable oil (HVO). A greener substitute for diesel, HVO can facilitate up to a 90% reduction in CO2 emissions and a 15-25% reduction in nitrous oxides (NOx) and particulate matter (PM). Billy concludes “While there is much potential for hydrogen fuel cells and battery storage to remedy this challenge, action must be taken to make small switches that will make a big difference now. The disruption caused by delaying change, alongside the CapEx to purchase new equipment, mean stakeholders should look towards more affordable and easier avenues to reducing emissions. “Most diesel gensets currently in use can be easily configured to run on HVO, making it the most accessible solution right now to reducing emissions. By integrating HVO into backup power procedures alongside the ongoing green developments of day-to-day operation, the data centre sector can ensure an all-encompassing approach that will help it achieve its ambitious climate targets while avoiding costly disruption.”