Establish policies to restrict GC sensitive workloads to approved geographic locations.
- As per the Direction on Electronic Data Residency (ITPIN 2017-02), "All sensitive electronic data under government control, that has been categorized as Protected B, Protected C or is Classified, will be stored in a GC-approved computing facility located within the geographic boundaries of Canada or within the premises of a GC department located abroad, such as a diplomatic or consular mission."
- Confirm policy and tagging for data location.
- IaaS, PaaS, SaaS
- SPIN 2017-01, subsection 6.2.3
- ITPIN 2017-02