Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

No Data Privacy In The Cloud: Page 2 of 2

When I personally look at things like this, my mind goes even further down the rabbit hole. Does this stop just at the United States and Patriot Act requests?

If the Chinese government (or any overseas government) asked a firm with a large presence there to turn over data of U.S. companies stored in servers in the United States, would the firm do it? My own pessimistic take is that there are more than a few companies that would be happy to do so. And given that the Chinese government is a partial owner of every Chinese company, would your data end up in the hands of a competitor?

In the end, both of these scenarios are good arguments for having strong encryption for cloud-based data and having the keys for that encryption solely in the hands of your own business. If the cloud provider can’t decrypt your data, it can’t turn the data over.

This is also a good argument for private cloud deployments, where a company can get some of the deployment and virtualization benefits of the cloud without having to wonder about the security of the data.

Because, in the end, if your data is on someone else’s servers, and they can see or decrypt the data, then it isn’t just your data anymore.