May 19, 201401:33 PMLegal Login
with Mindi Giftos
Data security in the cloud
(page 1 of 2)
I recently received an email from Apple notifying me that my cloud is nearly full and for an additional fee I can move onto an even larger cloud that can address all my virtual storage needs. This prompted me to question what exactly I was storing in the cloud and why. If you ask companies that have opted not to move to the cloud why they have resisted, by and large they will cite data security as the key inhibitor to cloud adoption within their organization.
But more and more companies are making the transition to the cloud and enjoying the efficiencies, lower costs, and conveniences associated with doing so. The tradeoff, of course, is loss of control over your own data and (what sometimes can be an unsettling) dependence on a cloud computing vendor. Following are some issues to think about if your business is considering a move to the cloud.
1. Does the vendor meet your specific needs? Many cloud services (like my Apple cloud) were designed with individual consumers in mind, not the enterprise. This means that not all cloud vendors are created alike and the move to the cloud must be done after a rigorous internal review of the enterprise’s needs. Once the internal review has concluded, shop your cloud computing and/or storage needs to more than one vendor. If you start asking the right questions you may find that the features and capabilities of vendors differ more than you otherwise may have expected.
2. How does the vendor handle data breaches? Keep in mind that your company’s data breach risk profile may shift dramatically with a move to the cloud. For example, smaller, technology-focused businesses may be amassing a significant amount of data, but in isolation the data is still an insignificant piece of the whole. But when those smaller companies co-locate their data in the cloud, the result is big data, which means a much bigger target for hackers. Hackers (at least those who don’t have a personal axe to grind) are tempted by big data. So your data, in isolation, may be uninteresting to a hacker, but that can change when combined with the data of similarly situated companies. Discuss with your vendor how it handles data breaches and make sure that you will be notified quickly, included in the investigation, and indemnified for the associated costs.