Privacy On Public Clouds – Five Issues You Must Know About

Privacy On Public Clouds – Five Issues You Must Know About

Privacy On Public Clouds – Five Issues You Must Know About

Cloud computing is everywhere and presents a compelling value proposition for its end users. However issues like privacy and security still are grey areas when it comes to public clouds. Here presented are five issues one must be aware of: 

1. You own the data and hence the responsibility CSP

Many cloud users do not know the answer to this question – Who owns my personal information once I upload it on the Cloud Service Provider’s (CSP) server? Most public cloud service providers recognize that the user retains ownership of data once it is uploaded. (e.g. https://www.facebook.com/legal/terms) This also means that you have decided to trust the CSP with handling of your data. The CSP may have some responsibility for handling the information safely but not all. You may choose a different service provider or choose not to put particular data on cloud altogether. But the buck stops at you are responsible for the data you put up there.

2. CSPs collect much more data

Typically at the time of joining you provide certain details including personally identifiable information (PIIs) to CSP. But you will be surprised to know that they know a lot more about you. The additional information is derived from your regular usage of their services. This includes when you log in, for how long you are connected, devices you use, location from where you connect, applications you use etc. Various mechanisms are employed to collect these details. Common methods use browser web storage, application data caches, cookies, pixel tags and anonymous identifiers.

3. You have only limited control over data

It is common for CSPs to provide few privacy options to end users. But there is a catch. Firstly you do not get to control every data, only a subset of privileges is offered. Secondly these options help you customize how rest of the world sees your information. Your CSP still has full access to the data, and they use it for a variety of purposes (e.g. http://www.google.co.in/intl/en/policies/privacy/). You cannot stop them from doing that because it is covered in the contract.

However, you still have some absolute powers in the form of local browser security settings. You can set the desired security levels and in effect block cookies or other scripts from executing. But there is a cost associated with this. The moment you say block cookies, many features may stop working. CSPs clearly state that in their terms and conditions. So if you want to get full features from the cloud this is not a practical option.

4. Encryption is your true friend

What if you have already signed up with cloud service provider? You still have a friend in terms of encryption. You can encrypt all your sensitive data before storing it on the cloud. This adds an additional security layer, control of which lies entirely with you. It may not be to the CSPs liking but highly recommended as this will fetch you greater control over safety of your data.

5. Law of the land may not apply

Unfortunately, privacy laws all over the world are still evolving and there is no global standard. While you may be governed by the state laws you live in, the same may not apply to your data. Your CSP and eventually the server where your data resides, may come under a different jurisdiction. So think again if you are counting on local laws to come to your rescue in case of a breach.

By Manoj Tiwari

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Ending The Great Enterprise Disconnect

Ending The Great Enterprise Disconnect

Five Requirements for Supporting a Connected Workforce It used to be that enterprises dictated how workers spent their day: stuck in a cubicle, tied to an enterprise-mandated computer, an enterprise-mandated desk phone with mysterious buttons, and perhaps an enterprise-mandated mobile phone if they traveled. All that is history. Today, a modern workforce is dictating how…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…