Tag Archives: cloud computing

Deeper Dive: The Case of the Mysteriously Missing Security Breach in the Cloud

By Tanya Forsheit on Posted in Cloud Computing
For years now, there has been much talk and concern regarding the security risks associated with storing sensitive data in the cloud. These concerns are not unfounded. Hackers have grown more and more sophisticated, and a large cloud service provider is a high-profile and data-rich target, holding the sensitive information of thousands of companies and … Continue Reading

Five Practice Pointers: Risk Allocation in Enterprise Cloud Service Agreements

Photo of Andrew GoodwinBy Andrew Goodwin on Posted in Cloud Computing
Outsourcing information technology functions to the cloud entails risk for both companies and cloud service providers, especially when sensitive data is stored in the cloud. Sensitive data carries business risk and may be subject to a host of legal and regulatory requirements. Cloud service agreements, which typically use the cloud service provider’s forms, do not … Continue Reading

CAUTIOUSLY, EUROPE EMBRACES GOVERNMENT & ENTERPRISE CLOUD COMPUTING

Photo of BakerHostetlerBy BakerHostetler on Posted in International Privacy Law
Last week the European Commission's panel on privacy, commonly known as the Article 29 Working Party, provided long-awaited clarity (in the form of an "Opinion") on whether and how European governments and private enterprise can utilize cloud computing technology in their operations, including processing personal information and other protected data. Cloud computing is a broad term that varies in context and has been subject to hype, but generally refers to technologies and service models allowing the sharing of on-demand scalable computer resources over the internet, including software programs, computer storage space and elastic computing power. Implementing IaaS systems has allowed companies and governments to significantly reduce capital expenditures by eliminating the need for purchase and maintenance of computer infrastructure equipment. Cloud services also allow for rapid remote deployment of software and network solutions. Additionally, cloud services enable organizations to decrease reliance on developing sophisticated in-house staff since major cloud providers have trained experts monitoring the computing environment. But, because cloud computing leverages the internet and computing resources in geographically disparate locations, the technologies present serious privacy and data security risks. In addressing this fundamental concern the Opinion indicates that the principal risks are a potential lack of control over data and limited transparency into its processing. A cloud provider's infrastructure can seem opaque and lacking information ensuring the "availability, integrity, confidentiality, transparency, isolation, intervenability and portability of the data". Additionally, due to the collaborative nature of cloud computing, customers may not be aware of subcontractors in the supply chain handling their data. With due respect to the data security risk, many observers consider this to be the great triumph of cloud compuing - that is that is simply "works" without its users having to worry about the back-end.… Continue Reading

Facebook Implements California Consumer Privacy Protections In Rolling Out Its New App Center

Photo of BakerHostetlerBy BakerHostetler on Posted in Social Media
In this context, Facebook will require all software applications ("Apps") offered through the App Center to provide a clear link to its privacy policy. Third party App distributors will be able to utilize the Facebook App Center and its development tools to provide, and make discoverable, their mobile offerings. Given Facebook's increasingly large user base and existing third party App infrastructure, the App Center is likely to have an impact of significance on the global mobile application marketplace.… Continue Reading

PCI Security Council Releases Standards Guidance for Virtual Environments

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Cloud Computing, Payment Card Industry
Over half of the companies surveyed by Trend Micro in May 2011 reported having cloud computing services being developed, implemented, or already in production.  The survey also reports that security concerns continue to be a primary reason companies are holding back their adoption of cloud computing.  The security concerns related to virtual environments are heightened … Continue Reading

Practicing Law Institute Explores Key Considerations in Cloud Vendor Agreements

Photo of Peter BrownBy Peter Brown on Posted in Cloud Computing
One of the most significant trends in technology is the growing acceptance of cloud computing. Cloud computing is the on-demand network access to a shared pool of computing resources which can be rapidly deployed or contracted.  Many companies are using the cloud computing model to offer their proprietary software as a service (SaaS) which can … Continue Reading

Catching Up on Cloud Computing

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Cloud Computing, Information Security
 If you are considering cloud computing and need to address related data privacy concerns, the articles discussed below provide an explanation of how cloud computing actually works to help you with your analysis.  The National Institute of Standards and Technology (NIST) recently revised its definition of cloud computing: “Cloud computing is a model for enabling … Continue Reading
LexBlog