The Sticking Points Of Security And Privacy

The Sticking Points Of Security And Privacy

The Sticking Points Of Security And Privacy

No matter how many times a privileged straight white male technology executive pronounces the death of privacy, Privacy Is Not Dead. People of all ages care deeply about privacy and they care just as much about privacy online as they do offline” (Danah Boyd)

cybersecurity_infographic

Security and Privacy are the two sticking points when it comes to moving business systems into the cloud. Out of the two, security is obviously the most important. After all, you can securely store data in a way that doesn’t ensure privacy, but you can’t maintain privacy if your supporting systems aren’t secured. Thankfully, there are a number of straightforward internationally agreed upon standards and best practices that companies can use to ensure that their servers are secured either in-house or in the cloud. Privacy however is a much newer field, and although everyone seems to have their own opinion about what constitutes adequate privacy protection, the law may have a different opinion than you and doing business in the cloud you may be dealing with conflicting privacy regulations that span multiple countries and industries.

As we’ve seen with recent controversies such as the NSA scandal, this is still a relatively new area of concern and the courts are struggling to catch up with new developments. Although we can’t offer any legal advice, we would like to present some good general tips that companies should consider when evaluating the privacy of their data in the cloud.

1. Limit the Data you Collect – It’s common sense that protecting a small amount of personally identifiable data should be easier than protecting a very large quantity, and you should also ensure that any personally identifiable information that you collect should be obtained in an open, transparent and lawful manner. As privacy regulations continue to change and evolve you should expect to see a growing trend where notification and consent will be required from consumers. And as consumers become more knowledgable about their rights you can expect to see an increase in the number of disclosure requests or lawsuits made by consumers. By minimizing the amount of the data you keep on file, you minimize both the risk and the cost associated with administrating the sensitive information.

2. Limit the Use of personally identifiable information. – This includes letting them know why you need this information and what will be done with this information once it’s been collected and once you’ve collected this information don’t share it with anyone or use it for purposes other than those agreed upon by you and the client.

3. Keep the Data Secure – Make sure that you have tight controls in place to prevent privacy breaches or data leaks. Once personally identifiable information goes into your possession, you have a responsibility to protect it against unauthorized use, theft, improper disclosure or deletion. Talk to your IT department and make sure that you have all of the proper mechanisms in place to protect yourself against hackers, viruses, data storage theft and other technology attacks. Even if this data is stolen and misused by a 3rd party without your permission, the victims and the courts will still hold your company responsible

4. Set Policies for Retention – Regarding the limit of use, many people will mistakenly assume that an alternative method will simply be to collect data, use it and then destroy it when they’re done. Although this approach is good in theory, many regulations stipulate that business documents and collected customer information must be retained on file for several years. If you store data for too long you increase your exposure, but if you deleted too soon, you can fall out of compliance and face stiff penalties. Judges are also very aware of the fact that digital data can be easily altered without leaving a trace. So your company should have controls in place to ensure the integrity of the data and demonstrate to a judge that it hasn’t been tampered with.

5. Set policies for destruction – When you delete a file and empty the Recycle Bin you only erase the label and address which points to the data, the actual data blocks that make up the file are still on your hardrive and can be retrieved using special software. In order to completely destroy a file you must 1st delete it and then write over those data block with random bits. Let’s suppose that you are hosting a virtual server with a cloud provider. If that the cloud provider moves your virtual server to another physical device, the actual moving leaves out residual data blocks at the original location. If this section will be assigned to another client, they could potentially discover your data. How can you been absolutely sure that this data has really been destroyed?

So how do you make sure that you are protected in the cloud?

Cloud Providers are frequently audited by governments, stakeholders or larger customers in order to ensure that the proper security procedures are being strictly followed. For small businesses with limited IT resources the cloud is a good option because these service providers have much stricter security measures in place. But you shouldn’t rely on this alone. There are also mechanical precautions you can take in order to make sure your cloud data is destroyed. By encrypting your data blocks using strong encryption standards, such as 256 bit AES, you can store your data on a cloud provider servers without exposing it.

By Roland Conner

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
Tesla Solar Plan Would Cost Billions To Implement

Tesla Solar Plan Would Cost Billions To Implement

A 1,500-word manifesto that Elon Musk unveiled last week, outlining his plan to expand Tesla Motors Inc.’s electric-vehicle line and to build “stunning solar roofs,” may end up costing the company tens of billions of dollars to carry out. Musk, Tesla’s chairman and chief executive officer, gave the estimate on Tuesday after a tour of the…

Healthcare IoT Security To Grow To $47 Billion In 2021

Healthcare IoT Security To Grow To $47 Billion In 2021

Healthcare IoT Security It’s obvious that IoT can make the entire healthcare industry more efficient. The kind of data involved can be used to save time, physical energy and operating costs. Because of this, devices that facilitate medical data are becoming more commonplace in the industry. This includes things such as wearables that can track…

Zoho Announces Industry’s First Multichannel CRM Service

Zoho Announces Industry’s First Multichannel CRM Service

Zoho News According to Gartner, the Customer Relationship Management (CRM) software market grew by 12.3% from $23.4 billion in 2014 to $26.3 billion in 2015. Suggests Julian Poulter, research director at Gartner, “The merger and acquisition activity that began flowing through the market in 2009 continued in 2015, with more than 30 notable acquisitions. This…

How The Cloud Is Changing Online Education

How The Cloud Is Changing Online Education

Online Education Growth There’s no doubt that the internet has changed the face of education over the last two decades. In fact, by some estimates more than 80 percent of college students expect to take at least some — if not all of their courses — online. Thousands of people have earned degrees without ever…

Investing In The Future With The Introduction of Sage Cloud

Investing In The Future With The Introduction of Sage Cloud

CHICAGO, IL–(Marketwired – Jul 26, 2016) – Sage, a market leader in cloud accounting software, announced today at Sage Summit 2016 its strong commitment to future technologies, with a focus on new and existing partnerships that power business growth. Revealed during CEO Stephen Kelly’s keynote address, which opened the world’s largest gathering of entrepreneurs and…

Cloud Comings and Goings

Cloud Comings and Goings

Cloud Power Amazon Web Services – the giant of cloud computing – is on track to do $10 Billion in revenue this year. Yet, rumors swirl that Apple may take a huge chunk of business away from them and Dropbox has definitely left AWS. Is something wrong at AWS? Wait, Salesforce.com (SFDC) – the granddaddy of…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Cloud Computing Price War Rages On

Cloud Computing Price War Rages On

Cloud Computing Price War There’s little question that the business world is a competitive place, but probably no area in business truly defines cutthroat quite like cloud computing. At the moment, we are witnessing a heated price war pitting some of the top cloud providers against each other, all in a big way to attract…

Cloud Infographic – Big Data Analytics Trends

Cloud Infographic – Big Data Analytics Trends

Big Data Analytics Trends As data information and cloud computing continues to work together, the need for data analytics continues to grow. Many tech firms predict that big data volume will grow steadily 40% per year and in 2020, will grow up to 50 times that. This growth will also bring a number of cost…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Cloud Infographic: IoT For Automotive Deconstructed

Cloud Infographic: IoT For Automotive Deconstructed

IoT For Automotive Deconstructed The IoT automotive industry is moving rapidly with many exciting growth opportunities available. We’ve written about some of the risks and benefits as well as some of the players involved. One thing for certain as that the auto industry is starting to take notice and we can expect the implementation of a…

SaaS And The Cloud Are Still Going Strong

SaaS And The Cloud Are Still Going Strong

SaaS And The Cloud With the results of Cisco Global Could Index: 2013-2018 and Hosting and Cloud Study 2014, predictions for the future of cloud computing are notable. Forbes reported that spending on infrastructure-related services has increased as public cloud computing uptake spreads, and reflected on Gartner’s Public Cloud Services Forecast. The public cloud service…

5 Predictions For Education Technology

5 Predictions For Education Technology

Education Technology Although technology has fast influenced most sectors of our world, education is an area that’s lagged behind. Many classrooms still employ the one-to-many lecturing model wherein the average student is catered for while a few are left behind, and others bored. Recently, there’s been a drive to uncover how to use technology successfully…