Who owns what?
The complex nature of many companies’ terms and conditions usually hide away hidden clauses stating that the company is ultimately the owner of anything you upload onto a cloud computing service. At the end of 2012, Instagram faced public outcry when some of its terms and conditions changed meaning that the company could use their users’ photos in advertisements or competitions without their permission.
Instagram promptly turned around this condition after losing many users, but many other big companies still have vague terms and conditions of use that users unwittingly sign up for, like Google Drive which states that users give them a worldwide license to use their content however they wish. Other cloud storage operators like Microsoft SkyDrive, Dropbox, Amazon Cloud Share and Rapidrive all have the same worrying conditions within their terms of service, including the clause that they have no responsibility if your data is deleted. So how can we be sure that what we upload to the cloud is ours and it will stay there without being tampered with?
The rise of the cloud and its security
As more and more small businesses adopt cloud software, it’s increasingly likely that users will begin to store data on their own cloud servers and rely less on huge software like Facebook or Dropbox to hold their files. The government has also recently adopted its own cloud software, G-Cloud which offers civil servants the opportunity to centralise their data in one convenient place.
With the widespread adoption of cloud software, companies are working together to establish a standard for cloud security too, reassuring users as well as tightening up security flaws. Many companies work to existing security standards such as ISO 27001, however there have been movements towards a more unified standardisation of cloud storage security.
Additionally, taking the principles of data protection and applying them to anything kept on the cloud is a start to reassuring users and preventing attackers from breaking in to the data. Encrypting data and having a secure data key storage is a start to warding off any hackers, as well as adding two step authentication processes to log users in.
The way to use this software risk-free in the meantime is to use hybrid cloud computing, which enables users to keep sensitive data locally, but access applications and other data through the cloud system. Until a unified approach is taken by large companies, many businesses will encourage their employees to keep sensitive data off of the cloud until a more reliable network is offered.