Data Residency

The physical or geographic location where data is stored. Data residency matters for regulatory compliance, as some laws require data to remain within specific borders, and for practical considerations like latency, disaster recovery, and legal jurisdiction. Organizations must understand where their data physically resides, which can be complex with cloud services that distribute data across multiple regions. Data residency differs from data localization (legal requirements to keep data in specific locations) and data sovereignty (legal authority over data based on location). Cloud providers typically offer region selection, allowing customers to choose where data is stored. However, backups, redundancy, and administrative access may create copies or access paths in other locations. Organizations should document data residency, ensure alignment with legal requirements, contractually require appropriate storage locations from vendors, implement technical controls enforcing residency, and audit actual storage locations periodically.