Today, it feels like every blog is advising businesses to move to the cloud. Every cloud service is promoting themselves as the cheaper alternative than hosting your own servers. Every email provider is vying for you to move away from your Windows Mail server. Why wouldn’t you? It’ll save you money up front, and it’ll lessen the need to have more “IT guys”. Oh! And you’ll enjoy more uptime too! There are hidden costs, however, costs that are unexpected. One of which is data security.
You Don’t Know Who has Your Data
Email Company XYZ is the company that you’re paying to hold your data, but usually the company you’re paying isn’t the company who is holding your data, they’re just providing a way to access or manipulate it. Jane Smith is your representative, but she doesn’t have your data, she fixes XYZ’s service to cater to your needs.
Your data is actually in a gigantic datacenter somewhere – let’s place this fictional center in Texas – under the careful eye of George, the security guard. What do you know about George? Nothing.
Your Data Might be Caught in the Crossfire
The Texas datacenter that houses your sensitive emails with proprietary information about your company’s latest R&D project resides on servers within their center. Also on the same server are emails from Fortune 500 companies as well as Lucille’s, the 90 year old Craftsy home businesswoman. Both can be problematic for your data.
The Fortune 500 companies are popular targets for all kinds of shady characters. Everything from the malicious thieves who are looking to make a few dollars off of some of the richest people in the world, to the hacking social justice warriors who want to punish perceived slights on those they want to protect. Even government agencies are attacking big companies, trying to gain access to data that they have no business unlocking.
Lucille is another kind of problem. You see, she doesn’t really understand her email. She gets special offers from certain Nigerian princes and is expecting her million dollar check anytime now. In the meantime, she’s given them everything they need, including passwords. They now have an in to find where her data is housed, and a customer’s terminal to do it from.
Little to No Governance
There are practically no rules or laws over data in data centers. The only thing that’s protecting your data from being sold to a third party is company policy. Company policies change based on what makes the company profitable, and your data might be what makes them more profitable.
Tracking
Using any service, especially if it’s a free service, will likely mean your every move is tracked by the company. Perhaps not what you use the service for (although it’s entirely possible that this is also tracked) but certainly how you use the service. You might be comfortable with being tracked on your personal PC, but I can’t imagine you like the idea of your business habits being traced.
Sometimes cloud computing is exactly what you need at the price you need to pay. Other times, it’s just not worth the real price.
