Ensuring Trustworthy Data

In the cloud, company data that was previously secured inside a firewall may now move outside to feed any number of business applications and processes. Although cloud providers must have the proper controls in place to ensure the security and privacy of your data, you are ultimately responsible for your company’s data. This means that industry and government regulations created to protect personal and business information still apply even if the data is managed or stored by an outside vendor. For example, the European Union has implemented a complex set of data protection laws for its member states. In addition, industry regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) created to secure the privacy of individual healthcare information, must be followed whether or not your data is in the cloud. Healthcare organizations must require their subcontractors to comply with HIPAA privacy considerations and use reasonable security measures.

Assessing hybrid cloud data risks

You need to be concerned about a number of issues in a hybrid cloud environment. Of course, the level of risk depends on the kind of data that you’re trying to secure. This data can range in type from credit card transactions to Social Security data to internal social network site data. You need to decide what kind of data you’re willing to either put into the cloud or connect to the cloud based on the risk you’re willing to take if that data becomes compromised ...

Get Hybrid Cloud For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.