Expert Technology and Information Security Consultants

Blog

Security in the Cloud: Part 1

Posted by: Nolan Garrett on 1/18/2012

The benefits of storing information in the cloud are extensive. Backing up important data, creating more space on your servers, and having your information easily available to your employees are only a few. If you have been considering this route, you most likely have many questions about the security of the cloud. If your company deals with sensitive information that belongs to your clients you may need to stay compliant with HIPAA, PCI or Sarbanes-Oxley regulations.

Is your cloud storage solution following these requirements? If they don’t indicate it in their privacy policies, it's not easy to tell. Let's explore this further below.

Compliance

Cloud security has become an important issue recently, as more and more companies turn to online storage solutions, seeking greater simplicity, scalability and affordability. Yet the cost in both money and reputation for improper handling of customer data can be extremely high indeed. If your organization needs to comply to key regulations associated with patient privacy (HIPAA), credit card security (PCI) or the finance-sector strictures of Sarbanes-Oxley, it can be difficult to find out if a service complies with these important restrictions.

Who is responsible

Cloud security is paramount when handling your sensitive data, but whose responsibility is it? Should you assume that if it is not spelled out in the privacy policy, that a service provider doesn't adhere to these regulations? Even though this is clearly the safest option, it may leave you unable to use cloud computing at all. Many services don't provide detailed information in their privacy rules, presumably to lower their liability. The hope is that over time cloud storage and sharing will become better self-regulated and companies will choose to disclose their individual practices to the businesses they serve. While such self-regulation is not required at this time, many businesses think it is their duty to display clear warnings, explaining what they don't provide or guarantee.

In the end, as cloud computing service providers are not required by law to be transparent regarding their security, the responsibility rests in your hands. If you choose to use the cloud, it’s your responsibility to choose a service provider you trust. Weigh the advantages and disadvantages and make the best decision for your business.

Create a trackback from your own site.

0 Comments

Leave A Comment



CAPTCHA image
Please enter the CAPTCHA phrase above.



Recent Comments

"In this day and age when everyone seems connected to each other, people share more information in public which has attracted identity thieves and scammers who want to make an easy buck. Having relevant information from this post is a good way to make people more aware that they need to be more vigilant and cautious in making data and their lives public." Read more
by Dallas shredding on Phishing Scams: Tips On How to Save Yourself From Becoming Prey

"All in one I got everything I need about android phone and more. You got a great blog here! keep posting. " Read more
by adwanes on Get More Out of Your Android Phone

"boss." Read more
by hair salons on Microsoft Lync 2010 and AOL IM Federation

Follow Us

  

Share This Page

Request Information