Data on Cloud is Secure

 

Some of our clients do express a concern on the privacy of the data. The concern comes from different perspective. One perspective is the data on the cloud. Other perspective is that service providers like us get excess to data. Another concern is whether the residents get access to data. The concerns are fully understandable.

 

 

Whenever there is data, there is a risk with the data.  A society needs to have risk assessment about the data. The privacy of data is just one risk. There are more risks such as back-up of the data. Let us assess the data risk with each of different data media scenarios

 

Data Media

Availability and Usability

Risk Assessment

Risk Mitigation

Physical Registers

Very Poor

·         Data Can be lost easily / can be destroyed easily

·         Keeping  copy of registers increases the risk of loss of data privacy

·         Very difficult to control register access. Facility management team always has access to the register

·         Keeping data in register does serve very little purpose.

·         Maintain the data in the register if it is for regulatory compliance

Files with Register Documents

Very Poor

·         Data can be lost easily/ can be destroyed easily.

·         Maintain physical security of the file

·         Keep a scanned copy of the documents.

Desktop Application

Poor (only the person using desktop has access)

·         As the data is available in electronic form, copying of data is possible

·         Most of the data / reports end up getting printed and thus become easily sharable

·         The whole database can actually be copied and shipped out

·         Typically, there is no back-up of the data / or manual back-up processes

·         Put some strategy to take data back-up on regular basis

·         Employ IT people to maintain and take the data back-up

·         Either pay expensive AMC for the software or do not upgrade

Web Application

Very Good

·         As data is available in electronic form, it can be shared. There are always some service providers who would have access to the data.

·         Computing infrastructure risks are present. Society needs to setup its own mechanism

·         Employ IT people to maintain and take the data back-up

·         Maintain a mirror image of the application (possible but very expensive)

Cloud Application

Very Good

·         As data is available in electronic form, it can be shared. There are always some service providers who would have access to the data.

·         The cloud service provider has access to the data

·         Service providers do have mechanism to protect the data and access to its employee

·         The best mechanism is contractual mechanism to secure the data privacy

 

 

 

A quick summary of the analysis is as follows:

 

  1. All physical data formats have low risk of data privacy but have a huge risk of data safety. They have very poor data availability and usability

  2. A desk Top based application has low risk profile but has significant infrastructure risk and have poor data availability

  3. A Web based Application and Cloud Application have similar risk profile.  The data is always accessible from the cloud.  The cloud application takes away all the computing infrastructure dependencies and risks as well.

 

 

 

We must emphasize that cloud systems are being used world-wide in all the types of application including financial and defence application.

 

A society should not exercise every precaution for the data privacy of the residents and the society but should not over-react.

 

Please do share your thoughts and comments. You can reach out to us at This email address is being protected from spambots. You need JavaScript enabled to view it. .

 

 

 

 

 

 

 

Add comment


Security code
Refresh

Additional information