t cht lk
t cht lk
Publishing data to the cloud without considering data privacy is akin to giving a stranger the keys to your shop and trusting them to lock up .
data without consent – sometimes to locations even the cloud isn ’ t aware of .
Cloud platforms are nebulous , leading to organisations often having their data spread across multiple levels , making it difficult to monitor and the risk of data loss a real threat . Further , when data is placed in the hands of another vendor , it possesses the passwords and encryption keys needed to secure the data . This means that data can potentially be accessed in its pure state by anyone , including partners . Publishing data to the cloud without considering data privacy is akin to giving a stranger the keys to your shop and trusting them to lock up .
The main issue here is data accountability . Resultsdriven organisations , perhaps too separated from their sensitive data , are looking for quick ways to optimise their data and share the responsibility . Unfortunately , in an eventual cloud breach , as cloud security offerings are often found to be lacking , cloud providers will find a loophole to pass the responsibility back to its user .
As such , the first step in achieving responsible cloud migration is for an organisation to recognise ownership and responsibility to the valuable data it possesses . Ultimately , the success in migrating to the cloud relies on data accountability and ensuring all members of the team understand the privacy policies surrounding it . Establishing a culture of organisational security and recognising the worth of one ’ s assets will make it less likely for the keys to be handed to a stranger without a background check .
Cloudy rules for data compliancy
Cloud providers don ’ t provide physical infrastructure for audits , nor are consumers permitted to verify vendor security , making background checks difficult . It instead relies on an honour system , which is in contrast to the standard practice in vendor data security of ‘ trust but verify ’.
In this instance organisations may find that publishing data to the cloud immediately conflicts with their internal data security policies and regulatory compliance requirements , running a risk of incurring large fines when subjected to a compliancy audit . When deleting data from the cloud the element of hazy trust appears : consumers cannot verify if their
70 INTELLIGENTCIO EUROPE www . intelligentcio . com