Companies, not just vendors still responsible for data security in cloud
As more organizations migrate resources and information to the cloud, decision-makers need to understand that the responsibility of sensitive information remains with the company, regardless of where the information resides.
A recent report by the U.K. Information Commissioner's Office said cloud computing's economies of scale is offering firms the ability to host large volumes of data in the virtual environment's for a low price. Even if decision-makers sign a contract that puts some security responsibilities on the service provider, businesses will ultimately be held accountable if a breach occurs.
"The law on outsourcing data is very clear. As a business, you are responsible for keeping your data safe," said Simon Rice, ICO technology policy advisor. "You can outsource some of the processing of that data, as happens with cloud computing, but how that data is used and protected remains your responsibility."
The report suggests decision-makers learn how sensitive information will be kept safe once it has been moved to the cloud. Executives then need to create a written contract with the vendor, which will eliminate the provider's ability to change the terms of the service without a business' approval.
A separate report by CloudTweaks said companies that migrate confidential information to the cloud should consider having a backup plan in place to ensure a company will be able to retrieve valuable data if something were to go wrong in the cloud. Organizations should also regularly test cloud hosting services to ensure they meet corporate and customer demands.
There is no longer any doubt that cloud computing is being adopted on a global scale. As this trend continues to occur, decision-makers must be prepared for the worse or risk encountering serious problems down the line.
- Welcome to GoGrid!
- I'm a live Cloud Expert.
- What questions do you have today?