Apple Deal Underscores Safe Harbor’s Importance in Business Communications

Safe Harbor data privacy lawsThe news that Apple is going to spend nearly $2 billion on new European data centers—and the open secret that it’s doing that to assuage Europeans that their data won’t leave Europe—recently put Safe Harbor laws for privacy back in the news.

$2 billion! That’s Real Money Even for Apple

As Everett Dirksen used to say, a billion here, a billion there, and pretty soon, you’re talking real money—even for a company like Apple with a valuation of around $1 trillion.

Apple is willing to pay whatever it needs to pay to reassure the world that their privacy is safe.  That’s because dealing with privacy and security is such an important part of doing business in 2015.

Secure Data Centers and Compliance

It’s also why 8x8 invests so heavily in the privacy and security of its own global cloud communications infrastructure—including our own data centers on six continents—so that businesses that trust 8x8 for their communications can have confidence in 8x8’s ability to provide data privacy and security.

8x8 Safe Harbor Listing

8x8’s efforts were rewarded recently by the company’s recent listing in the US Department of Commerce Safe Harbor Registry as having services that are in compliance with the US-EU/EEA and US-Swiss Safe Harbor Framework that was developed in coordination with the European Commission.

The European Union’s Data Privacy protection laws specify that companies operating in the European Union and European Economic Area are not permitted to send personal data to countries outside the member states of the European Economic Area.

Essentially, 8x8’s listing means that the company has met the requirements of the framework—something that requires work, attention to detail and solid technology, as well as a lot of documentation.

Developing a Culture of Compliance is Critical

But it also signifies something more: a security-oriented culture of compliance, which is often the hardest security objective to achieve. In addition to Safe Harbor listing, 8x8 can now lay claim to third-party validated HIPAA, FISMA, and PCI compliance, but it has taken years to get to this point. It takes a long time for most companies to reflexively think about security and compliance in everything they do, from engineering to operations to accounting—something that 8x8 achieved many years ago.

That’s a big part of the reason that 8x8 is the only major cloud communications company with third-party validated communications and contact-center solutions. It also helps us offer such things as customized Business Associate Agreements (BAAs) to support all of our customers’ HIPAA compliance. And for our customers using PCI for business transactions and e-commerce, our contact centers and phone systems can be configured to support secure transactions. We’ve engineered these capabilities into our solutions, and we’ve created good processes behind them to back them up.

8x8’s Culture of Compliance Helps Business Rest Easy

In the words of Jon Byers, an 8x8 customer and IT specialist at BCFoods, “We can have a global presence with secure and simple communications—all for much cheaper than most other options.”

That’s the bottom line for many customers: They don’t have to worry that their phone systems or contact centers will jeopardize their security, privacy or compliance. And at 8x8, we work hard to keep it that way.



Mike McAlpen


Mike McAlpen is the Executive Director of Security and Compliance at 8x8, one of the largest US VoIP providers for business. Prior to this, Mike was a business leader with Visa, Inc. Global Information Security and Compliance. Before this Mike was a leader in HP Professional Services Information Security, CIO/CISO Advisory and other services for nearly 12 years. Mike is a frequent Information Security speaker, a three-term IT Services Management Foundation President, on the Board of Directors of the Silicon Valley ISSA, and active in ISACA, FBI/DHS InfraGard, U.S. Secret Service’s Cyber Crime Task Force and the American Bar Association Science and Technology Section’s Information Security Committee. [...] Read More >

  • icon-gray-linkedin.png