Posted in Cloud Computing

Cloud Computing

Cloud Computing Contracting and Compliance: Why All Privacy Pros Need to Get Up-to-Speed

The cloud is going mainstream.

Many organisations are embracing cloud computing enthusiastically as a means to improve business processes while, potentially at least, making substantial cost savings along the way. Others, meanwhile, are proceeding at a more measured pace. Cautious adopters include companies that operate in heavily regulated sectors such as financial services and healthcare, as well as many government agencies and other large organisations with substantial investments in legacy IT systems and processes.

Whatever sector you work in, however, it is time to get to grips with cloud computing and, in particular, the privacy implications of cloud procurement and deployment arrangements.

From the Tool Belt

Overcoming the Security and Privacy Challenges of the Cloud

By Chris Zoladz, CIPP/US, CIPP/E, CIPP/IT, CIPP/G

There is no doubt that the use of the cloud will continue to grow at an impressive rate. IDC estimates the cloud market will be worth over $50 billion by 2014 and over $120 billion by 2020. Even the U.S. government, who is not viewed as a leader in the use of technology, has a “cloud first” mandate. With compelling evidence that migration to the cloud will improve an organization’s bottom line and business efficiencies, it would seem to be an easy decision. 

However, the ubiquitous articles and blog posts about the seemingly insurmountable security and privacy risks of moving mainstream applications to the cloud have created ample fear, uncertainty and doubt in some organizations.

More from Chris Zoladz

Opinion

European Cloud Providers Cloud the Truth After PRISM—What Should U.S. Providers, and the U.S. Government, Do About It?

European cloud providers have tried for years to gain a competitive advantage in the European market over U.S.-based counterparts by claiming that content stored with European providers is more protected from government access than data stored with U.S. companies. These European providers have tried to instill fear in potential customers, claiming that the USA PATRIOT Act gives the U.S. government essentially unfettered access to content stored with U.S. companies.

As has been well-documented here and elsewhere, the truth is that the U.S. imposes tighter restrictions on the ability of its law enforcement and security agencies to get data stored in the U.S. than many EU governments face in accessing data stored in their home countries. Moreover, unlike in the U.S., providers in the EU can voluntarily provide content and customer data to the government, and EU providers are required to retain data for up to two years, helping ensure the data is there when the government comes looking for it.

More from Jason Weinstein

Opinion

What I’m Hearing Out on the Rue

A variety of client and professional meetings in France and Belgium have me here for an extended stay. I have heard many interesting things about privacy/data protection issues. So here is what I am hearing “out on the Rue.”

More from Christopher Wolf