Following concerns that many businesses do not realise they remain responsible for how thier data is looked after when using cloud computing services, the Information Commissioner’s Office (ICO) have today published guidance to remind businesses of their data responsibilities.
Cloud computing services offer businesses economies of scale and capabilities that would not otherwise be within easy reach. Cloud services, such as SalesForce, Amazon Web Services® and Microsoft® Azure®, offer enterprise grade computing power to businesses of all sizes, without the need to invest in the hardware, software and staff usually required to support equivalent on-premise services.
Unfortunately, this flexibility in IT service deployment introduces a different set of potential security risks, which need to be understood and addressed.
Speaking as the guide was launched, author Dr Simon Rice, ICO technology policy advisor, said:
“The law on outsourcing data is very clear. As a business, you are responsible for keeping your data safe. You can outsource some of the processing of that data, as happens with cloud computing, but how that data is used and protected remains your responsibility.
“It would be naïve for an organisation to take the attitude that these guidelines are too much effort to simply store some data in a different place. Where personal information is involved, the stakes are high and the ICO has already demonstrated it will act firmly against those who don’t meet data protection laws”
The ICO guidance will prove useful and will help organisations to understand their responsibilities when using cloud services. A good start and a good foundation to build from.
As a publisher of Cloud computing books, IT Governance Publishing have created a book bundle to provide further essential guidance:
Make sure you step onto the right Cloud with this essential book bundle … Buy today!