Computing in the cloud, like any developing technology, brings up a number of issues and challenges. Storing data and computing in the cloud is a great technological advancement. However, there are many ways our data and privacy could be compromised in the cloud. What can we do to ensure that our data is protected and our privacy is not compromised?
End user’s security and privacy could be compromised in the cloud, for instance, when files and folders are infected with a virus. The cloud vendor must, therefore, ensure that its servers are not vulnerable to infections and that safeguards are in place to ensure that infections do not occur. However, in the event infection occurs, what will the cloud vendor do to rectify the situation? How will they retrieve data if it is lost or compromised? Perhaps, these kinds of issues can be described in the provider’s service level agreement (SLA) to ensure their customers that they are proactive about such issues and are willing to take action if something goes awry.
Another troubling issue in the cloud is identity theft, which can result as a result of Phishing. What is the cloud vendor doing to ensure that their client’s identity is safe? How are they educating their clients to prevent this from occurring? Phishing is a major problem that cloud vendors must be cognisant of as unscrupulous people find ways of stealing the identity of others in order to access sensitive information, like online banking credentials. This could be disastrous for a customer, and cloud vendors must ensure that proper safeguards are in place and do whatever they can to protect their clients.
Another security issue can occur if the service provider’s software is defective. You need to make sure that the software actually does what it claims by testing the service before you sign up; and also you need to perform regular tests as you go along. Defective software can result in a loss of data and money. The data owner needs to have clarity among other things, as to who can access the data. This is an important security protocol that needs to be addressed with the cloud vendor.
A simple solution to many of these and other related security and privacy issues is education and communication. Cloud vendors need to effectively communicate the dangers of some of these issues to their clients in a clear and comprehensive manner. They should be outlined in the company’s service level agreements (SLAs) and every possible effort should be made to inform their clients of the implications if they don’t take the proper steps to ensure their privacy when doing business in the cloud.
The cloud is a two way street. Cloud vendors and their clients must work together and be vigilant to ensure their data and/or privacy is not compromised.