Well, every system in this universe that was thought to be infallible has almost always proved its creators wrong by exposing themselves to the mercy of a group of people who like to barge in and play around with public data! Now, it isn’t any different for cloud computing.
As far as consumers are concerned, it is actually a very good idea to do some background check on the cloud computing service provider before putting your money on the table, because almost all cloud computing service providers rely on third-party companies to manage huge customer data and also take care of security issues. So, it doesn’t really matter how much the provider himself seems to be concerned about your security - at the end of the day your data might (or might not) be accessible to those third-party people who are responsible for taking care of security issues and that could be the root of security risks.
If you are planning to shift to cloud computing, it is advisable that you first ask for a performance report of the company and that is going to give you a fair idea about the kind of services that you can expect for your money. What about the downtime? Yes, of course they would brag about sturdy security systems and foolproof safe boxes for your data, but what happens when there is a natural calamity or something goes wrong inside the cloud computing Service Company? The downtime is definitely a good indicator of the kind of service that you can expect.
The security offered by cloud computing service providers can be easily compared to what the recording industry found itself into when people started sharing files with one another over the Internet without caring much about how much the record labels have spent on copyright. Almost always, security depends on the kind of people who have the privileges to access customer data in the name of protecting it. Yes of course, there are some companies who have been able to develop comparatively better systems in terms of the way they store their passwords and transfer data from virtual servers to client computers, but cloud computing can still be considered as a safe box under lock and key away from your home or office.
Google has had problems in the near past and so had salesforce.com. They did apologize for not being able to be the perfect watchdog, but at the end of the day it is the business owners who have to take the heat. So, before shifting over to cloud computing you need to inquire about their exception monitoring systems and also make sure that the data does not become overt during security updates. It has happened earlier that employees from a particular organization got access to data that they were not supposed to see and it was only when it was too late that people realized that it was nothing but an outcome of security breach.
You can’t really do much about the security solutions of your service provider, but you can definitely inquire about the prevailing laws of the land as far as data security is concerned and might also go one step further and conduct an independent security audit of the cloud computing service provider. It is also very important that you know which third parties are working with your provider and whether or not they have access to your data.
In spite of all these things, people do end up using data and when that happens, they do nothing but the new service provider. But, really isn’t there something that you can do? Of course you can. You can develop your own security policies and after that has been done you could talk to your service provider and negotiate with him to try and accommodate your policies into theirs. That is going to give you mental peace. The last thing they could do is to ask for the kind of guarantees and penalties that are in place to protect your data. If they are simply nonexistent, it’s time for you to turn back and walk out of the door.
Image courtesy by FutUndBeidl
