Cloud storage sparking data security fears

Shoving data into the cloud as a storage option is popular with users but increasingly the security aspect is causing them concerns

It's been a while since someone stood up and shouted about the need to encrypt data but it might be the answer if resellers want to help cautious users put more data into the cloud.

For the past year a customer worried about moving into a hosted environment has been told that there could not be any safer options than working with a specialist that lives or dies by their ability to put data securely into the cloud.

But that has not really gone far enough for some users and they still wake at night thinking about how their precious data could be falling into the wrong hands because it is not being looked after.

There is no doubt that there are differences between providers and there have been some warnings from the Cloud Industry Forum for users to think carefully before selecting a provider.

But with some of the large public cloud platforms gaining ground as an option for those looking for some storage capacity there are some worries that not enough is being done to ensure that the data is hard for hackers to get hold of.

Research can be one way of putting some meat on bones of assumption about what is happening out there and there are genuine worries from users, which have been exposed by iStorage.

The firm found that a large number of users are not happy sticking their data into the cloud and expecting it to be safe.

“Cloud technology may make life easier for mobile workers but it’s certainly not without its risks; it really should only be used to store encrypted, non-sensitive information,” said John Michael, founder and CEO of iStorage.

“Ultimately, the cloud concept refers to a physical data centre and as such users are very much reliant on trusting cloud providers to protect any information that they store in this way,” he added.

There are suspicions that then focus on securing cloud stored data will only increase in the future as more board level executives start to get the fear over forthcoming EU data protection legislation.

The European General Data Protection Regulation is slowly moving forwards and is likely to become a reality at some point in the next couple of years with its threat of significant fines for those firms that lose customer information.

“Data protection is only going to grow in importance on the corporate agenda, with the new European General Data Protection Regulation shining a spotlight on the role that all professionals will be expected to play in safeguarding the information that has been entrusted to them and their organisations,” added Michael.

“Our recent survey at Infosec revealed that currently there is confusion and a lack of understanding about what this regulation means and the effect that it will have. This must be addressed in advance of the regulation coming into effect, to ensure that all businesses are fully prepared for the data challenges of the future.”

Earlier this week, there was a meeting between the European Parliament, the European Council and the European Commission (EC) as they went through the final stages of negotiation so the regulations can be put in place by the end of this year.

This month saw the European Council of Ministers approved a version of the EU General Data Protection Regulation (GDPR) to replace the 1995 directive.

Jan Philipp Albrecht, the European Parliament's lead on the data protection regulation, said: “It is a very good sign that Parliament is committed to unifying data protection laws.

"Such data protection unification could open up Europe's digital economy."

There has been plenty of movement by security resellers to start discussing the law changes with customers and clearly there might also be a chance for storage channel players to also get involved with the debate.

Read more on Cloud Platforms