by Dave Clemente
Cloud Computing -- using the power of remote servers to store data and run applications like
Cloud services also provide greater security in some areas. Updates and patches can be rolled out quickly to applications running in the cloud, eliminating the need to laboriously patch individual computers. Storing data in the cloud also means that the search, seizure or theft of a mobile device is less likely to compromise personal information or intellectual property. But these benefits come with trade-offs, and the main one is lack of control.
For all the borderless connotations of the cloud, the reality is that these services run on servers that sit inside national borders. Major western cloud services operate in a well-developed commercial and regulatory market, and tend to have a higher level of security from hacking, compared to an individual user's computer. Services in countries with little or no relevant regulation mean a customer has fewer options for legal recourse should things go awry.
Many CEOs do not know, or have not thought to ask, in which legal jurisdiction their data resides, or who has access to the data. The aerospace company BAE said in 2011 it would not use cloud-based services because the provisions of the US Patriot Act would permit authorities access to BAE's data.
For companies, the primary risks relate to data protection, and this can be reduced by prudent selection of cloud providers. For individuals, the main risk is loss of access to data, and this can be mitigated by using the cloud as a secondary backup.
Cost and efficiency, however, still trump security, and that is unlikely to change. No Chief Information Officer will last long if they reject efficiency savings from cloud services, just because security cannot be guaranteed. The cloud is expanding and is here to stay, but users should remember that these clouds have borders.