Cloud security and data privacy have been in the news again. A new working party is being set up to make it easier for the customer to know what they’re getting in terms of security, and to make it clearer for the provider to know what they should be delivering.
It means it should be much easier for those working in the Cloud to know where their data is being held and what can and can’t be done with it.
Data privacy is one of the thorniest issues in the cloud. Much of it comes from unwarranted worries. If you ask any business why they’re not in the Cloud then chances are they’ll talk about security. It means a lot, particularly for a small business to hand over their data to someone else. They feel like they’re losing control. They worry about where their data is being stored, who’s looking after it and what might be done with it.
Whether these concerns are valid is, partly, beside the point. Cloud providers have had to do a lot of work to alleviate concerns and worries. But they’ve done it with varying degrees of success.
Now the Cloud Security Alliance has set up a working party to settle the issue of data privacy.
The Privacy Level Agreement Working Group will mean a basic set of guidelines that Cloud providers have to adhere to. The CSA has put forward its proposals to the European Parliament who are already in the process of setting up its own data privacy guidelines.
Why are they doing it? At the moment there are nearly 30 different ways to implement data privacy. The worry is that that makes it harder for global providers to sell in different countries. If they want to grow and expand into new regions then Cloud providers have to know what the rules and regulations are in every country.
The new frameworks would mean there would be a system for cloud customers to read and to measure how providers handle data privacy.
What does it mean for customers? It means that cloud providers would have to make it clear what they’re doing with your data, how they’re storing it and how they’re keeping it private.
At Intrahost it’s made clear where data is stored. Intrahost has both digital and physical security plans in place to look after data. As well as anti-virus software that makes sure no junk or spam gets through to your data there is physical security in place where the severs are held. In what’s called a server farm, there are physical servers that store the cloud servers or hosting solutions our customers choose. There is CCTV, key card access and protection in place in case of natural disasters.
Intrahost is open about its security measures and also with its privacy agreements with customers. But not every cloud provider is. An industry wide agreement which make it much easier for customers to know what they’re getting, and more importantly what it means for them. It’s designed to let the customer know how one providers offer differs from another.
Instead of being something to be worried about, the data privacy rules should give customers peace of mind. The significance of cloud computing for business has been evident over the last year as the industry has grown. Adding to peace of mind and regulating the industry will help customers realise the difference it can make to them, but also how it can ensure their information is safe.