BY PETER LONG

Peter Long is the CEO of Lockbox, a cloud privacy service

Organizations could put their data at risk if they don’t ask the right questions when evaluating cloud providers

Companies of all sizes store their data on external servers every single day, whether they know it or not. This could be an organization whose employees bring their own devices and use file storage and sharing apps that the IT department isn’t aware of, or it could be a business looking to eliminate IT infrastructure costs and leverage the convenience of the cloud by moving data offsite.

One step that companies and individuals must take in order to use cloud storage is to accept the provider’s terms and conditions. However, both organizations and individuals often fail to actually read those terms and conditions prior to clicking the “accept” button, putting companies in precarious positions that leave their data vulnerable to risk. It is extremely important, regardless of company size, to understand where your data is going and what your rights are. More often than not, there are provisions buried deep within the terms and conditions that give providers rights to change, alter or even delete files.

It’s critical that companies not only understand the terms of the programs their employees are using for BYOD, but also those for the cloud sharing and storage resources designated by the company. Here are six questions all organizations must ask when evaluating cloud sharing and storage providers, either on a company level or for employee devices:

1. What is the service provider’s level of access and who holds the encryption keys? Many agreements call for unfettered access to data stored on a provider’s servers and most providers actually hold the encryption keys, so snoops or hackers can access encrypted data because the keys are stored alongside the files.

2. Can the provider change or alter your information? Believe it or not, when you click “accept,” you are giving some providers the right to change, alter or copy your data without your knowledge. This is often positioned by providers as necessary for backup or formatting reasons.

3. Can the provider change the service at any time? Is there a clause stating that service may be changed or suspended at any time or does your provider need to give ample notice to allow you to remove/retrieve your data before changing the service terms?

4. When do fees kick in? Many providers start with freemium models, but charges can pile on quickly. Be sure to know what your needs are and the storage thresholds in order to be thoroughly prepared from a budget perspective.

5. Does the provider assume liability if its servers are compromised? In general, providers rarely assume responsibility for any consequences resulting from a security breach.

6. What happens when the contract ends? Since your data is stored remotely, you’re no longer in possession of it, so you need to be sure you can get your data back — particularly if the provider is the one who terminates the contract.

Many organizations don’t realize the level of inherent trust they must put in their cloud service providers once they hit the accept button on those terms and conditions. It’s extremely important that organizations understand their data rights when using someone else’s infrastructure.

The cloud is extremely beneficial and has allowed small companies to grow and large companies to accommodate a geographically diverse workforce. With those benefits come risks, and companies must ask the right questions before signing on the dotted line.

