During a presentation to small and mid-sized business owners this past week, I had a question that caught me unaware, and ultimately, I'm concerned that the audience didn't get my best response. The business owner who asked the question was concerned about risk to their data. My mistake was focusing on what was happening technically, and not answering the question directly.
We were in a discussion at the time about cloud computing. The business owner understood that cloud computing made them more mobile, and allowed their company productivity benefits. They were concerned about the stories they’d heard of hackers getting at critical or sensitive data.
The risk in cloud computing is what could happen by completely letting go of your data, and putting it with a service provider. Obviously, the (typically 3-year) contract you'd be under could alleviate risk. It's a good news bad news scenario. The good news is that cloud computing allows you to operate virtually, assuming you have an Internet connection and machine to get to it. The better news is that your data is centralized. The bad news is that you're data is centralized, and with a service provider.
So how to cope? I'd recommend figuring out quickly what's really "proprietary" or "sensitive" data and then ensuring data security, by safeguarding it with additional means, i.e. offsite storage. First though, I’d use service level agreements in the cloud service provider’s contract to address risk appropriately.
Make no mistake about it, cloud computing represents both benefit and risk. A recent study shows cloud adoption by commercial users will double in the next year. Smart business owners are figuring out how to utilize the benefits of cloud computing, and effectively and appropriately manage the risk. Not-so-smart business owners are pulling the trigger on using cloud-based applications without considering security and data protection issues.
Copyright © 2015 · The NT Group, LLC · All Rights Reserved