Cloud Security: Part 1

There a variety of benefits to cloud computing. Backing up important data makes it readily available to everyone in your company and frees up space on your servers. You probably have many concerns about cloud security and might be wondering if cloud security will protect your client’s data and adhere to HIPAA, PCI or Sarbanes-Oxley regulations.

Do cloud storage solutions adhere to these regulations? Are they required to? If they haven’t spelled it out in their privacy policies, it is safest to assume they are not compliant. We will explore this more below.

Compliance

Cloud security has become an important issue recently, as more and more companies turn to online storage solutions, looking for greater simplicity, scalability and affordability. Yet the price in both money and reputation for improper handling of customer data can be very high indeed. If your business should comply to key regulations associated with patient privacy (HIPAA), credit card security (PCI) or the finance-sector strictures of Sarbanes-Oxley, it can be hard to find out if a service complies with these important restrictions.

Who is responsible

Cloud security is vital when handling your sensitive data, but whose responsibility is it? Should you assume that if it is not spelled out in the privacy policy, that a service provider doesn't abide by these regulations? Even though this is clearly the safest option, it may leave you unable to use cloud computing at all. Many services do not provide detailed information in their privacy rules, possibly to lower their liability. The hope is that with time cloud storage and sharing will become better self-regulated and companies will opt to disclose their individual practices to the businesses they serve. While such self-regulation is not required right now, many businesses believe it is their duty to display clear warnings, explaining what they don't provide or guarantee.

Currently there's no law in place that requires a company to divulge these details. Cloud computing services can save your organization money while improving efficiency, but they could also risk noncompliance with privacy laws. This leaves the risk on your shoulders and it is up to you to weigh the benefits and threats for yourself. The topic of cloud security is likely to be one of much debate in coming years. At the moment, the right road to travel is the the one that best meets your company's particular needs.