Cloud computing is an attractive, low-cost means of collaboration. But have you considered the risks involved with placing documents with PII “in the cloud”?
The monthly column I wrote for the December 2008 CSI Alert was, “Cloudy Privacy Computing.” Here’s the first section…
“Is cloud computing cumulous or cirrus?
At Thanksgiving dinner, some of my relatives (none of whom are in the IT, information security or privacy industries) asked what I was writing about now. I mentioned that I was looking into the privacy implications of cloud computing. After some silence and a few shared glances at each other, one asked, “Are cumulous more dangerous than cirrus to computers?” The concept of “cloud computing” is not well known by most folks. Certainly not the personnel using a vast and growing number of cloud computing applications, without even know it, from business networks. If they don’t know what they are using, then how can they know the information security and privacy risks involved?
“Cloud computing” floated across the IT horizon in 2008 to become one of the hot topics of conversation for most IT leaders. For those who may wonder, cloud computing is a nebulous (or should I say cumulous) term used to describe any of a number of services or applications that many businesses, as well as individuals, use that are actually located outside the network perimeter and on other entities’ servers accessible via the Internet. They are very much like silent business partners.”
You can read the rest of it here.
I welcome your feedback!
Tags: awareness and training, cloud computing, compliance, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training