TechValley x HUFS 베트남, 싱가폴 AI & Software 해외 연수 프로그램
2024년 05월 05일
베트남의 데이터센터 황금알을 낳는 거위가 될까?
2024년 05월 28일💬 Panel Discussion : Data Sovereignty and Security
🔗 Navigating Vietnam’s Cybersecurity Landscape for Cloud and Data Centers
Thank you very much, Patrick, Peter and Leif. During our session, our experts will explain how these rules impact the way companies innovate, grow, and stay secure. We’ll discuss the real challenges companies face when they try to follow these laws, and we’ll look at ways businesses can keep innovating while they handle these changes, stay compliant, and strengthen their security to avoid data breaches. Let’s get started and dive into these important issues.
Question 1
“Patrick, as we delve into the topic of personal data protection regulations, could you describe how the new laws in Vietnam have shaped business strategies and offerings? What specific opportunities and challenges have these regulations introduced for your company?
Answer 1
“First off, I would like to explain some regulation Vietnam government is enforcing. There are 4 regulations.
In order to start e-commerce on the Internet, you must follow the Cybersecurity Decree No. 53.
Banks and finance institution must follow the laws of the SBV (The State Bank of Vietnam)’s circular 09/2020 – which called “Information Systems and Security in banking operations”.
All companies who are owning personal information must comply with PDPD: (Personal Data Protection Decree) Decree No. 13/2023/ND
Securities companies must abide by the regulations of the SSC (The State Securities Commission). In particular, Vietnam and foreign securities (증권 chứng khoán ) should submit the plan for building DR, preventing cyber security, protecting personal data.
Well let me articulate more about Vietnam PDPD (Personal Data Protection Decree) No. 13.
In Vietnam, the right to personal data protection is a fundamental right, and its protection is paramount given the rapid pace of technological advancement as of now. With the majority of information now being stored in physical and cloud storage, there are always risks of data breaches and information loss. Hence, protecting personal data must be a top priority.
In the explosive period of information technology, personal data, especially personal data in cyberspace, becomes a valuable resource that criminals and bad objects could collect, trade, used to commit acts of infringing upon human rights, civil rights, violating the law.”
Question 2
“How do you think organization and companies can use cloud service under PDPD No.13?”
Answer 2
“According to PDPD decree No. 13, there is no specific restriction or mention of cloud service – such as location of cloud and data storage. But when the data is transferred to overseas, the company should submit “The Assessment of Impact of Personal Data Processing” to MOP (Ministry of Public Security specifying the information below.
“Also the company should store data as 3-2-1 policy and store back up not only in local but remote location (DR: Disaster Recovery) or cloud-based backup or security solutions which can be used to protect personal data from malware and other cyber threats.
Last but not the least, the company who owns the personal data must provide reports on audit of compliance with information technology regulations and conduct audit.”
Question 3
Patrick, coming back to you, considering the ongoing changes in the regulatory landscape, how is your company planning to sustain innovation and growth? What role do these regulations play in your long-term business development strategies?
Answer 3
“Our role and business strategies is simple. In order to abide by these decree and circular, specially data sovereignty, we provide local Data Center and Hybrid cloud services.
Our Data Center is connected with global POPs (Hong Kong, Singapore and Europe) and also public cloud (as aws DX, Azure ExpressRouter). It is the best scenario and combination of hybrid cloud and best connectivity.
Besides our own DC, Cloud and connectivity, we’re cooperating with Amazon Outpost service (private cloud) and AWS Localzones service in HN which is scheduled to open end of 2024.
But our role is not just limited to infrastructure but also teaching, guiding and securing data of clients.
We also have various BFIS (Bank, Finance, Insurance and Securities) customers and we have dedicated team to meet the requirement of compliance – audit, control of cloud service, quality, risk management and Managed cyber security service – analysis, protection and training.
Our strategy is customer-centric, we’re working close with government policy maker and our enterprise customers. We’re making the best of our experience and we’re trying the best effort to facilitate compliance and make a successful cloud journey in Vietnam.”
💬 Vietnam Tech blogger, TechValley CEO
📧 Subscription inquiry: patrick@techvalley.biz | go2hanoi (KakaoTalk)
🔗 LinkedIn: www.linkedin.com/in/patrickdykim/
