Datacenters vs main offices for cybersecurity related

[Sam.F]

Hi everyone happy new year!!!!!!
My company is trying to be compliant to cybersecurity and i have a question for you guys. The main thing that my company is worried about is defense drawings not to be emailed/transfer to other countries.
We see other companies with their own websites that provide us with customer portals and we use that to transfer the files to them. (We want to make one like them) But my question is this i saw that the data centers are in San Francisco CA where the hosting company is for our website but the main offices are in Europe. So the files are all over the place. Is this acceptable per cybersecurity that the datacenters are local. But the main offices in Europe.

Thank you.

 

[yodon]

Cybersecurity is just about protection. Isolating and limiting to just US is more of a CMMC thing.

 

[Sam.F]

*Just US* well the datacenters are in San Francisco CA But the main offices are in Europe so thats a NO right...

 

[yodon]

For CMMC, I'd say that's a no.

 

[Sam.F]

Like Google, amazon, or Microsoft they all have datacenters in the US but some out of the US. I guess when you ask Google for customer service when you are using them people from outside of US can take your call and help you and they will be able to see your files. Is like when you call AT&T customer service in CALIFORNIA and you want to speak Spanish so people from Mexico answer that phone call and they can see your account.

I'm just confused about all this cybersecurity stuff.

Like lockheed is making metal parts in china, india, japan. Like other companies in the US have people working for them remotely from all over the world. I just don't undertand.