Friday 2 October 2009

Are You Or Your Company Doing Something Illegal?

As I get around to visit more organisations talking about Cloud computing, the same well answered concerns get brought up.

Most people assume that you shouldn't put your data outside the UK and what about the security of the data?

The answers are simple. All the major Cloud vendors have Safe Harbor policies that comply with both the US and EU Data Protection acts. Many people forget that their own personal banking data is already handled offshore for the purposes of processing. So why should it be any different for your company data?

Similarly, you can well imagine that these major Cloud vendors are prime targets for all manner of hackers, phishers etc.. You should reassure yourself that your data is most probably substantially better protected that you could ever achieve. When was the last time you really proactively monitored your network security, or put security patches on in a timely fashion? If your Cloud supplier is SAS70 type II audited, then you have got all bases covered. They're betting their business on securing your data. So, despite being prime targets, they are most probably managing their network security by the minute and security patching will not be a 'to do' list item.

The other concern is about having security agencies, accessing your data without your knowledge. If you have not got something to hide, why should you be worried? The security agencies aren't going to use your data for competitive advantage! So long as you advise your client of how you are handling their data, then they can advise you of their concerns and storage of their data can be provisioned elsewhere.

Microsoft, IBM, Salesforce and Google all have data centres in the European Union, as well as in other regions of the world. It is very easy to be reassured that your data is safe in their hands, and you as the responsible data owner only need to be concerned that the data is managed and handled in compliance with any company policies or regulatory requirements relevant to your business.

Sleep easy, Cloud computing is well protected and you can include it as part of your IT strategy.
 
/* Use this with templates/template-twocol.html */