Does the increased adoption of cloud services, the proliferation of cloud-connected devices and advent of the Internet of Things increase the likelihood there will be more data security breaches? Certainly, a recent report suggests (reg required) customers believe that to be the case and calls it the “cloud multiplier effect”:
- 57% believe providers don’t have the requisite security technologies and protocols in place
- 85% believe providers won’t notify them immediately if there is a data breach involving IP or business confidential information. This is particularly pertinent given the new data breach notification obligation that I mentioned previously
- Most worrying of all is that 72% say they believe providers are not in full compliance with privacy and data protection regulations and laws
Usually the perception of risk is greater than the risk, although the near constant stories of hacks and password leaks can’t have helped general levels of confidence. Cloud providers need to continue to educate their customers and to provide more comfort that they can protect their data. But customers have options too.
What should customers do?
- Download a copy of my free report Secure Your Data in the Cloud
- Adopt a policy identifying what data to put in the cloud and what to keep locally
- Undertake diligence before appointing a provider – I have yet to meet a provider who doesn’t take data security seriously so find out what is their approach to data security – will they encrypt or tokenise your data?
- Review (and adjust) the data clauses of the agreement – sometimes the sales messages about security are excluded from the contract
- Monitor the provider’s performance after the service starts
- Speak to an expert (or, indeed, a Cloud Lawyer!)