Cloud Business

Cloud Business Featured Article

Can Customers Rely on Third-Party Cloud Vendors to Increase Security, Data Protection?

Cloud computing has become increasingly important for giving companies access to additional computer capacity for data processing, enterprise servers, cloud storage and backup/restore remote sites for disaster recovery.

In the cloud, the platform and infrastructure is designed to accommodate the needs of most PC users; cloud computing offers cost benefits and more flexibility than other computing methods.

The benefits of cloud computing are evident both from a consumer’s point of view and a cloud service provider prospective: consumers can take advantage of cost savings – hardware and software costs for on-site apps are lowered, and the need to buy servers and databases is virtually eliminated – and of the increasing competition among third-party cloud service providers (CSP (News - Alert)) that offer information and communications technology (ICT) resources over the Internet.  

Since cloud computing implies data sharing between the customer and the service provider, there are concerns and issues regarding its security, the data flow across legal jurisdictions, governance, risk and compliance (GRC).

The loss of governance has consumers question if they can trust third-party CSPs to provide the security and privacy necessary to effectively store and handle their data safely. 

Concerns consumers have include:

1. Fear of having to transfer some or all control of computing resources to CSPs, making them wonder and question what goes on with their data on the virtual server.
2. Worry about what will be done with their data: Will it be encrypted in transit or transmitted to other entities, or will it be placed in a dedicated or shared data center or in the cloud?
3. Who will have access to their data; how their personal data will be used?
4. Will the cloud suppliers safeguard their information without ever selling it to a competitor for money?
5. Will host providers provide enough data protection from hackers and against cyber-attacks?
6. In a nutshell, consumers want to have explicit control of their data as well as the ability to decide who gets it and where it is stored. They also want to know if there are appropriate security controls implemented.

Uncertainty in the security of cloud computing and the risk of private data becoming publicly available have been factors for customers not adopting cloud computing. If security issues and data protection concerns are not addressed and clarified via Service Level Agreements (SLA), some customers might be reluctant to use cloud-based services. The same goes for if they can’t trust third-party cloud service providers to provide the security and privacy necessary to effectively store and handle their data safely in the cloud through adequate monitoring and enforcement mechanisms.

Speaker Gary Davis, Deputy Commissioner, Office of the Data Protection Commissioner in Ireland, recently addressed several of the data protection issues surrounding cloud computing services; the new guidelines he issued mention how and where data are stored and who will have access to it. The guidelines have been published to explain cloud computing rules and are aimed at companies or small- and medium-sized enterprises (SME) who wish to use cloud computing services and know how to protect data effectively.

As revealed, in a PwC study from April, many companies have been reluctant to fully adopt cloud computing due to security concerns. In May, the Department of Enterprise and Jobs unveiled cloud computing standards for small- and medium-sized businesses (SMB) that have helped companies weave the cloud into their storage system.

Even though the future of cloud computing looks a bit “cloudy” due to a service providers’ compliance with data protection laws and regulations, there are CSP responsibilities for the customer’s data once they are stored and processed. New regulations and standards are finally been devised and published; there are requirements relating to security, compliance and data retention, contained within EU data protection reforms and cloud storage.

Want to learn more about cloud communications? Then be sure to attend the Cloud Communications Expo, collocated with ITEXPO West 2012 taking place Oct 2-5, in Austin, TX. The Cloud Communications Expo will address the growing need of businesses to integrate and leverage cloud based communications applications, process enhancement techniques, and network based communications interfaces and architectures. For more information on registering for the Cloud Communications Expo click here.

Stay in touch with everything happening at Cloud Communications Expo. Follow us on Twitter.