The cloud fuels much of the digital landscape surrounding our work and personal lives. It allows for collaboration across international borders, sharing of information between coworkers, family and friends, and serves as a mobile storage unit for our memories.
With its rise in prominence comes lingering doubts about cloud security. Eighty-seven percent of IT departments reported concern about data privacy (registration required), according to a Dimensional Research study last spring. Yet these concerns don’t just apply to the business world, as personal use of the cloud increases for consumers.
Are we heading towards a privacy breakdown with this convergence of personal and work cloud usage?
Find the Source
It's difficult to pinpoint the exact source of the privacy breakdown.
With the number of users accessing the cloud, a strong understanding of cloud security at the organizational level is imperative yet it is not evident in the business world. According to the Dimensional Research study, 56 percent of IT departments reported that employees had inadequate awareness and understanding of data privacy.
Adding to this concern, 82 percent of IT departments reported having employees who failed to follow data privacy policies. This lack of education and disregard of policy is a major factor in the breakdown of cloud privacy. When those who are using a cloud service don’t fully comprehend the repercussions of careless use, caution is thrown to the wind and along with it, so is security.
Those who utilize the cloud — whether on a personal or professional level — need to know what factors can compromise cloud security. For example, it’s important to know who has access to folders with information stored in the cloud and how much sensitive data can be accessed. Are the people who currently have access to the cloud the group of individuals that absolutely need it? What’s more, is the level of sensitive information proportionate to their role and scope of work?
For employee cloud access, utilizing multiple devices synced with personal consumer cloud services can also be cause for concern. While cloud access allows us to be mobile, this mobility creates additional risk factors that can lead to a privacy breakdown.
According to the Cisco Visual Networking Index, global mobile data traffic grew to 74 percent in 2015, with more than half a billion mobile devices and connections being added. When employees access their work and personal cloud folders from their tablets and smart phones, a mix up of professional and personal files can occur. This can compromise sensitive business data.
Privacy Across Borders
A lack of awareness and education can be seemingly easy pain points to address within an organization. But a similar pain point is apparent on the macro level as privacy is defined differently across borders. Data privacy is lax in some nations and stricter in others, with the European Union cited to have the most comprehensive approach to data privacy.
What’s more, data privacy laws also differ from state to state within the US, which makes it difficult to keep track of how data should be controlled even at a national level.
With a growing global economy, many businesses are operating at international scales which results in customer and company information transferring across borders. While the information that transcends these nations remains the same, the protocols and guidelines of how to keep that information secure differs.
The European Union and the United States have recently encountered hurdles with the Safe Harbor agreement resulting in thousands of companies worrying about the status of data transfers. This places additional pressure on CIOs at these organizations to ensure cloud data storage is not infringing upon privacy laws.
Preventing the Breakdown
Businesses should get better informed of cloud use on the macro and micro level and pass that knowledge on to its entire staff. By implementing detailed company policies on data privacy and educating employees about safe data privacy practices, everyone will not only be able to understand the “how” of cloud storage, but also the “why.”
Proper awareness also ensures that employees fully comprehend the cause and effect of their actions. What’s more, employees will be able to understand that threats don’t start and end with the business, but can reach into their personal lives.
This means that company policies also have to address personal device usage and whether these devices have access to company cloud data. If they do, then precautions, such as ensuring the device has relevant anti-virus software and anti-malware, need to be taken. Businesses also need to move into a model where data is stored centrally in the cloud as opposed to scattered across each employee’s personal cloud account. This increases security and also ensures that information is not lost if an employee leaves the company.
Internationally, the recent Safe Harbor Agreement is only the tip of the iceberg in terms of cloud data privacy. Best practices, guidelines and laws for international cloud usage require a thorough review of the laws within the nation, the type of business operating, and the kind of information being shared.
What’s more, the understanding of data privacy law will require more attention as 27 percent of businesses reports its IT team lacking knowledge in this area, according to Dimensional Research. While there is no black and white solution, key decision makers within an organization need to be mindful of keeping its constituents secure.
Cloud technology privacy as we know it is under severe scrutiny, however, eliminating cloud usage hinders collective innovation. Choose cloud services that centralize and provide control over company data. And push innovation through education and constant evaluation of national and international laws to match the pace of technology and results in the creation of enhanced privacy, rather than a breakdown.