Cloud Computing; How Safe is your Data in the Cloud?
With the recent leaks of the NSA PRISM program, privacy is of ever-increasing concern to people of the United States and the world. At the same time, there is an increasing trend towards Data and software cloud services. When businesses are storing their information on the amorphous Internet cloud, how can they be assured of privacy?
Cloud Computing – Privacy and Security
Data security is of huge concern to those businesses adopting cloud computing, and with good reason. Security threats are constantly evolving and growing more sophisticated. Of course, at the same time, cloud providers are themselves growing more sophisticated, to protect against these threats.
Where is the same concern about privacy? Storing data on the cloud is supposedly a protected method. There are laws in place to prevent breaches of privacy, but they aren’t as straightforward as it may seem.
If you sign a cloud computing contract with a company in the United States, you would assume you operate under United States law. However, if that company subcontracts their hosting to a data center in Europe, you actually abide by EU law. The same holds true for subcontracting to less private locations such as China, where laws may even allow their government immediate and total access to data stored on their servers.
Cloud Computing – A Wealth of Data
You don’t have to worry just about your own data, but also about the data you unwittingly send. Think about it from the perspective of the cloud software provider. These providers are capable of logging every keystroke, every mouse click and every change you make along the way. Some are upfront about mining this data for anonymous user statistics. Some might be interested in more. How much information are you simply giving away?
If a cloud company harvests data about their clients, it might be valuable to other companies in competing positions. They might be able to find out how many salespeople are using a given company’s software. They might be able to analyze certain statistics and predict market growth. How much would this information be worth to the right people? Enough to warrant the possible breach of privacy?
Cloud Computing – Primary and Secondary Information
There are protections in place for primary data – that is, data that you host on the cloud yourself. If your company uses a cloud service for sales and gathers customer addresses and credit card numbers, that data cannot be uncovered or mined by the cloud company. Whether or not the government can, of course, depends on the location of the servers and the local laws. For the most part, this data is private.
Secondary data, which is information gained by the cloud company based on usage, is less protected. A company might invest quite a bit of time into a customized design for their software, and the cloud might see how it is used and record that data. How much control does each side have over this data? Who owns the intellectual property here? These are tough questions that, today, have not been answered in legal terms.
Benefits of the Cloud
Despite privacy concerns, the cloud is still an excellent path for many businesses to take. Using software as a service or hosting data as a service are both good routes for certain businesses to take. Until a major flaw is found with user privacy, the privacy concerns that come with cloud services are minor enough to be ignored.
Of course, nothing stops a business from relying on traditional dedicated host servers. Beyond data privacy and security, local host servers are still a valuable option. Many businesses benefit from using both dedicated servers and cloud services simultaneously.[Guest Post]