Posted by Kalyani M. on Jul 4, 2013
Cloud infrastructure has become the new standard for SMEs wanting to use technology to stay ahead of the competition. Unfortunately, the lack of a standard set of cloud security regulations has led to many SMEs missing out on the benefits of the cloud out of privacy concerns. While many smaller enterprises are kept from the cloud due to fears of data loss or a security breach, once they make the switch, most find that their data is even more secure and private than when all data was hosted onsite.
A recent Comscore survey of 211 small to medium-sized U.S., German, U.K., and French companies, found that before cloud adoption, 60% of respondents viewed the cloud as insecure, 42% were concerned about reliability, and 45% believed that cloud adoption would result in loss of privacy control. After having made the switch to the cloud, 94% claimed they now enjoyed a greater level of security than previously held onsite. 75% of respondents said that their company experienced improved service reliability, 61% claimed that the length and frequency of downtimes decreased after the adoption, and 62% found that privacy levels increased with their cloud service. According to Trustworthy Computing General Manager, Adrienne Hall, “There’s a big gap between perception and reality when it comes to the cloud. SMBs that have adopted cloud services found security, privacy and reliability advantages to an extent they didn’t expect. The real silver lining in cloud computing is that it enables companies not only to invest more time and money into growing their business, but to better secure their data and to do so with greater degrees of service reliability as well.”
The current approach leaves consumer data in a virtual wild west, in which enterprises and consumers much proactively seek out secure cloud solutions that can provide consumer data protections and user privacy. A recent paper in the Washington and Lee Law Review proposes the establishment of legal frameworks that could tackle the absence of cloud security standards by requiring companies to adhere to strict privacy regulations, while offering consumers greater control over their sensitive data. According to co-author Jay Kesan, the H. Ross & Helen Workman Research Scholar in the College of Law, “Our goal with this piece is to raise awareness of the privacy of online information, which is something that people seem to care about a lot more once they actually know what companies are doing with their personal information and data. If you think it’s a fair trade to receive an email service in exchange for letting a company track what Web pages you visit and show you relevant advertisements, by all means, you should continue to do so. But there are always security risks involved when information is stored, electronically or not. Users must weigh the advantages and disadvantages of the available options.”
The situation has propelled many consumers and lawmakers to action. In Australia, lawmakers are addressing the issue by considering national cloud security regulations. With 71% of Australians using a cloud service, the Australian Communications and Media Authority cites privacy and security concerns as its chief concern in considering the implementation of consumer data protections and cloud regulations. But regulations do have a downside in stalled growth and many consumers are just as wary of the government as they are of the cloud service providers, especially in the wake of the NSA PRISM scandal. A safer, cheaper, and easier alternative than rolling out national or global cloud regulations is through exclusively using a private cloud service to store and sync any sensitive data.
Protecting Data in the Meantime with SpiderOak
When selecting a secure service, there are several factors to keep in mind. For one, server location matters. Do you want to the convenience of public cloud deployment, with servers located offsite, or would you trade convenience for more ownership of your data security by keeping cloud services close at hand with an onsite server? Another thing to consider is that many services on the market have security gaps that leave private data vulnerable to third party attacks, malware, and legal snooping.
For enterprises looking for a truly private cloud, SpiderOak Blue offers fully private “public” and onsite server deployment options for full flexibility. SpiderOak sets itself apart from the rest of the market by providing a private cloud service featuring all of the benefits of cloud storage along with 100% data anonymity.
SpiderOak protects sensitive enterprise data through 256-bit AES encryption so that sensitive files and passwords stay private. Authorized accounts can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices, as SpiderOak never hosts plaintext data. SpiderOak Blue’s private cloud services are available for enterprises on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, making this one of the only cross-platform solutions on the market.