Op-Ed at Computerworld: Legally, do you dare trust your business’s data to the cloud?
At Computerworld, writer Steven J. Vaughan-Nichols discusses the issues of security and privacy in “cloud computing,” and issue I’ve written about before. Cloud computing is when you upload, store and access your data at an online service owned or operated by others. The lack of control of your data is a substantial problem, as is the question of the physical location of the data and which country’s laws your personal information are subject to.
In “Falling through clouds,” Vaughan-Nichols has advice for corporations considering moving their operations to cloud-based service providers:
Everyone knows the big virtues of using cloud computing services: They’re cheap, you can scale them on demand, and they’re fault-tolerant. Everyone also thinks they know cloud computing’s vices: a variety of security and management concerns. What a lot of people have been missing, though, is that there’s another real problem with cloud computing: legal liability.
You see, the default contract from Amazon Web Services and the other major public cloud providers puts the onus for any privacy trouble that might develop on you, the customer, not them. [...]
Trust is important. Eli Lilly was burned publicly once before by an accidental release of the e-mail addresses for nearly 700 subscribers to its Prozac.com e-mail alert. The company certainly doesn’t want a repeat performance of that, and no company wants to be left holding the bag in the event of a data breach because of the negligence of a cloud provider. [...]
So, is moving to the cloud still worth it for your company? It may very well be, but before making the jump, you need to have your in-house counsel, as well as your IT staff, go over the package. [...]
Or, as I’d sum it up, when it comes to cloud computing, it’s better to be safe than sorry regarding both the legal and technical issues.
Possibly related posts: