|By Unitiv Blog||
|July 18, 2012 08:15 AM EDT||
While many organizations have been making the move toward cloud computing solutions for the past several years, the fact remains that we’re really still in the early days of figuring out how all of this is going to work. Even more than that, the laws on the books that apply to cloud solutions are woefully behind. This creates a number of challenges, both for data centers and for consumers.
Questions of compliance
Businesses, for example, are facing some serious concerns when it comes to cloud solutions. A legal firm might have attorneys who store client-related documents on Google Drive or Dropbox, for example. The question of how well protected that data is isn’t always clear. In fact, it is often those in the legal arena dealing with issues of compliance that are challenging such cloud service providers, and forcing them to examine their security policies and their security solutions.
Another important area to look at is expectations. When a consumer places a document on a cloud storage service, for instance, what does the consumer believe about that file? Does she assume that she’s the only one with access to the file? Is it possible that personnel at the cloud provider might be able to view that file?
Explicit statements from cloud providers about who can access a client’s data and when help to clarify the issue, but whether those policies meet client expectations is another issue altogether.
Yet another issue comes to light when we think about how cloud solutions physically work. For example, a given application server might reside in Europe. Suddenly, the data entered into that application isn’t subject to the laws of the United States. When cloud providers have some or all of their data center hardware located somewhere else (Iceland is a popular choice for a variety of reasons) it throws a whole set of new questions into the mix.
As time goes on, we’ll no doubt see more and more cloud computing-related laws on the books, more international agreements, and more scrutiny of cloud providers. In the interim, it’s imperative organizations address these concerns when implementing a cloud solution.
- My Personal 2010 Predictions
- Java Application Security in the Corporate World
- Sarbanes-Oxley: The New Rising Star
- Don’t forget to register for FOSE 2013
- Sarbanes-Oxley and Web Services
- Itemfield: Defining the Benchmark for Complex Data Transformations
- A Storage Management Perspective on Sarbanes Oxley
- IT Security - "Sarbanes-Oxley Will Be a Huge Driver," Says Sun Exec
- Streamline Health® Engages KPMG as Its New Independent Registered Public Accountants
- Extending Identity Management Solutions Into a SOA