Businesses considering moving their data to a cloud computing company should be aware of privacy issues and differing jurisdiction when accessing data in different countries, software giant Microsoft has warned.
The company issued a white paper outlining their concerns, in conjunction with International Conference of Data Protection and Privacy in Madrid, saying SMEs need to consider how cloud computing could affect their business.
“Cloud computing does raise a number of important policy questions concerning how people, organisations and governments handle information and interactions in this environment,” Microsoft said in the paper.
“Privacy protections are essential to building the customer trust needed for cloud computing and the internet to reach their full potential.”
Many businesses are now turning to cloud computing as a cheaper alternative to using in-house software. These offer software and other features stored on computers in a data centre, rather than on an individual’s machine, allowing SMEs to downgrade computers and save time.
But Microsoft senior director of privacy strategy Brendon Lynch says while cloud computing offers benefits, businesses must be aware of downfalls including the disharmony between governments regarding data access.
The nature of cloud computing dictates data centres host information all across the world, but Lynch says countries often have very dissimilar laws regarding the use of that data.
“Data flows are becoming more global but privacy laws are local,” Lynch said in a statement. “The full benefits of cloud computing will not be realised if there cannot be harmony and consistency with regulation.”
Additionally, many smaller cloud computing players spread their data to other companies, so a client may have a number of different IT administrators accessing their data without their knowledge.
The solution, Lynch said, is a “client plus cloud” model that allows users to install software on their computers but can only access certain services online. This allows businesses to be assured their online data is being secured by “robust” privacy policies.
“Generally speaking, the data is their own and we are just hosting the box they put it on,” Lynch said. “If we were approached by a government authority to gain access, we would try as much as possible to redirect the legal process to the customer to let them decide how to respond.”
David Markus, chief executive of IT services firm Combo, says SMEs considering the use of cloud computing services need to investigate thoroughly who is accessing their data.
“There are major issues with security in the cloud, and the real issue is that there are a lot of cloud services who don’t really have their own infrastructure and so rent from others. When you use the big players, you’re managed, but if you step off those big players you don’t know who is accessing data.”
“Buyers need to look very carefully at where there data is going and who is responsible for it, because there have been some instances in the last year of people losing data… and they need to know it is well managed.”