Security in the Cloud: Part 1

There a variety of advantages to cloud computing. Backing up important data makes it easily accessible to everyone in your company and frees up space on your servers. You probably have several questions about cloud security and might be pondering if cloud security will protect your client’s data and comply with HIPAA, PCI or Sarbanes-Oxley regulations.

It can be hard to tell if your solution follows these requirements, as many don’t specify in their privacy policies. To help you navigate these difficult waters, let’s consider this topic in greater detail below.

Compliance

Security has long been an important issue and as increasingly more companies turn to the cloud for storage solutions the question arises: How secure is the cloud? Storing information in the cloud can be quite economical, yet the cost for poorly handling customer data can be quite high. If your organization must comply with regulations like HIPAA, your main dilemma is what regulations do cloud adhere to.

Who is responsible

Cloud security is paramount when handling your sensitive data, but whose responsibility is it? Should you assume that if it is not spelled out in the privacy policy, that a service provider doesn’t follow these regulations? While this is clearly the safest option, it may leave you unable to use cloud computing at all. Many services do not provide detailed information in their privacy rules, presumably to reduce their liability. The hope is that with time cloud storage and sharing will become better self-regulated and companies will choose to divulge their individual practices to the businesses they serve. While such self-regulation is not required currently, many businesses think it is their duty to display clear warnings, outlining what they don’t provide or guarantee.

Currently there is no law in place that requires a company to divulge this information. Cloud computing services can save your business money while boosting efficiency, but they could also risk noncompliance with privacy laws. This leaves the risk on your shoulders and it is up to you to weigh the benefits and threats for yourself. The topic of cloud security is likely to be one of much debate in coming years. At the present time, the right road to travel is the one which best meets your company’s specific needs.


Posted on: 01.18.12