Establish policies to restrict GC sensitive workloads to approved geographic locations.
- As per the Directive on Service and Digital "Ensuring computing facilities located within the geographic boundaries of Canada or within the premises of a Government of Canada department located abroad, such as a diplomatic or consular mission, be identified and evaluated as a principal delivery option for all sensitive electronic information and data under government control that has been categorized as Protected B, Protected C or is Classified."
- Confirm policy and tagging for data location.
- IaaS, PaaS, SaaS
- Directive on Service and Digital, subsection 4.4.3.10