When enterprise clouds first came on the market, security was understandably a concern to many potential adopters, but as more organizations integrated into the cloud they reported satisfaction with protective measures and general apprehension subsequently died down. The recent exposure of the U.S. National Security Agency's PRISM program brought some of the old worries about privacy back to light. The main issue is not whether cloud service providers are adept at providing the security measures that can prevent data leaks and keep cybercriminals at bay, but whether enterprise providers will be able to keep data protected from potential government access.
It's a gray area. Regulatory measures simply lag behind the development of cloud services, as they do for many areas of technological innovation. Meanwhile, never before has information been digitally stored in this scope or quantity, and many companies purport to save everything. Businesses have recently become more cognizant of the potential hazards of government access to data but want to continue utilizing technology that makes their operations easier and improve profit margins. Can organizations have their cloud and their data privacy too? According to GigaOM's David Meyer, the answer is yes, as long as organizations elevate their internal security standards and place a higher premium on the protective capabilities of all external services. He said that private clouds can offer better protection than can public ones, especially for firms that want to remain tech-savvy but may be uneasy about the prospect of having their data accessed.
"[T]he private cloud appliance may be a good option for businesses that fear the worst but haven't entirely given up hope that privacy may still be an option," Meyer wrote.
How do private clouds keep data safe?
Because the potential fallout from the so-called 'privacy wars' hasn't fully been realized, and may not be for some time, businesses are wise to take preventative measures that consolidate their own internal footprint without handcuffing their business growth. Turning over data storage and critical business operations to the public cloud could pose problems and legal imbroglios for businesses if, for example, the government investigates another organization's data stored in the same cloud, Computerworld contributor Steve Pate reported. Private cloud storage keeps information sequestered from access to another organization in a shared cloud environment.
IaaS clouds and encryption can be another vital combination to keeping data secure, according to Pate. If critical IT operations are stored in the cloud, organizations can encrypt data on the in-house network before it is deployed, so that it can only be accessed through the company network, and not by any other source.