The Risks of Cloud Computing

Is Your Personal Information Safe in the Cloud?

Man Using a Digital Tablet
Getty Images/Yongyuan Dai

Cloud computing has become a prominent staple of our technology-driven lives. Cloud computing is convenient and easy and in the business world, it makes financial sense because it means companies don’t have to spend so much money on data storage or maintaining servers. Online data storage has been around for about as long as the Internet, but there is now a big push for companies to explore using the ever-expansive Internet to store data.

Some common PC software even requires it. But when companies are having a hard enough time keeping your personal information safe from hackers and data breaches, what happens when they put it out on “the Cloud?"

The Basics of Cloud Computing

The basic idea of cloud computing is that your information is stored online, available for you to access it whenever you want and from any computer or Internet-ready device. It’s a neat idea that really appeals to companies looking for a way to reduce their costs. Online data storage seems like a reasonable alternative to buying expensive servers for storage and keeping an IT person or staff on hand to manage them.

The Security Risks of Cloud Storage

The cloud may be fine for your pictures and music, but when you start thinking about personal information a business keeps on their clients and customers, the stakes go way up. For one thing, you don’t really know where the data is being stored, so you don’t have the first idea of the level of data security.

If it’s a corporate “server farm,” it may be pretty good, or it may not. The first level of data security is physically protecting the hardware the data is on, which is an important detail to nail down.

An equally important concern, particularly for government agencies and military, isn’t just the security of the servers themselves; it’s the people who have access to them as part of their job.

One of the most famous examples of failure to protect against this personnel security risk is Edward Snowden and his exposure of the U.S. National Security Agency's surveillance program, PRISM.

It's clear that government agencies like the National Security Agency (NSA) and high-profile corporations like Target who rely on individuals with access to data may be putting their customers and the public at risk. It seems that closer scrutiny in hiring staff who manage cloud servers is the first easy answer to ensuring data security in "the Cloud."

The Accountability Challenge

A greater concern with cloud storage, though, relates to who consumers can hold accountable for the security of their personal information. Current laws provide guidelines for companies that maintain personal information. The laws address how personal information must be protected, used and ultimately destroyed, as well as penalties for failure to protect that information. Those laws include provisions for ensuring any third party that company gives information to also protect it as the company would itself.

By storing personal information via cloud computing, it will be virtually impossible for a consumer to know who actually compromised their personal information, since no one will know where that information was even stored. In other words, everyone involved in a data breach will be able to shrug their shoulders and say, “It’s not our fault.”

Continue Reading...