It's Time to Talk About Cloud Data Security
So it's no wonder that cloud computing is fighting an uphill battle. On one hand, it's generally agreed (and pointed out by Merkel) that it saves money and energy, improves efficiency and allows business to react to changing conditions more quickly. On the other hand, a lot of people in business don't know what's happening to their data because nobody seems to be able to say where it is.
Sound familiar? It should because most of the fears and misunderstandings about cloud computing are basically the same. While we don't have the EU's restrictions on where we can store personally identifiable information, we more than make up for it with SOX, HIPAA, GLB and PCI and a variety of other ways that somebody can lock you up or put you out of business in a heartbeat. Here, business people say they're worried about security in the cloud, but isn't it really the same thing?
The problem is that companies that sell cloud services and the machinery that cloud services operate on haven't done a very good job of explaining what they do, and why it's safe to do it that way. Some organizations have figured out the situation on their own, which explains why the U.S. Department of Defense is one of the largest users of cloud services.
But the details that businesses care about, meaning the details that will keep them out of jail, just don't show up in most explanations. Instead we see drawings, explanations and promises of efficiency. But no one has explained to businesses in the United States or in Europe that transient data, meaning data traveling across the Internet, is nearly impossible to intercept and if you use a good enough quality of encryption, it won't matter if it is intercepted. Nobody can use the data anyway. Of course, there's more to it than that, but the point is that data in the cloud is safe. Moving data between companies whether they're in the same country or across the globe is safe as long as you take the trouble to make it safe in the first place.
In reality the truth isn't that Europe is more afraid of the cloud than the United States. The truth is that everyone is afraid of the cloud. It doesn't need to be this way, but to improve the situation we need to stop talking about the technology the cloud uses and instead we need to talk about how the cloud works in real companies in the real world and how it helps those companies operate effectively and safely.