Intelligent CIO Europe Issue 81 | Page 52

FEATURE : SECURITY THREAT

As such , the first step in achieving responsible cloud migration is for an organisation to recognise ownership and responsibility to the valuable data it possesses . Ultimately , the success in migrating to the cloud relies on data accountability and ensuring all members of the team understand the privacy policies surrounding it . Establishing a culture of organisational security and recognising the worth of one ’ s assets will make it less likely for the keys to be handed to a stranger without a background check .

Cloudy rules for data compliancy that data can potentially be accessed in its pure state by anyone , including partners . Publishing data to the cloud without considering data privacy is akin to giving a stranger the keys to your shop and trusting them to lock up .

Cloud providers don ’ t provide physical infrastructure for audits , nor are consumers permitted to verify vendor security , making background checks difficult . It instead relies on an honour system , which is in contrast to the standard practice in vendor data security of ‘ trust but verify ’.

The main issue here is data accountability . Resultsdriven organisations , perhaps too separated from their sensitive data , are looking for quick ways to optimise their data and share the responsibility . Unfortunately , in an eventual cloud breach , as cloud security offerings are often found to be lacking , cloud providers will find a loophole to pass the responsibility back to its user .

In this instance organisations may find that publishing data to the cloud immediately conflicts with their internal data security policies and regulatory compliance requirements , running a risk of incurring large fines when subjected to a compliancy audit . When deleting data from the cloud the element of hazy trust appears : consumers cannot verify if their data has been deleted ; it is at the discretion of the cloud vendor .

52 INTELLIGENTCIO EUROPE www . intelligentcio . com