The Cloud is Trustworthy—If You Choose the Right Provider

Cloud is Trustworthy

Data privacy is a concern wherever confidential information exists. In the cloud, it’s even trickier, because distributed resources make knowing where data is located and who has access to it—well, tricky.

At least that’s what the skeptics have said; but the tide is turning. Mixed metaphors aside, CIOs are starting to see the benefits of cloud-based systems for every type of business function, from CRM to ERP—even HR systems. This is evidence, according to Forbes contributor Louis Columbus, of how the cloud is slowly winning the “trust war.”

“Trust is the greatest accelerator there is in cloud computing’s growing adoption, and that’s earned when cloud applications get beyond simple metrics to delivering insights and useful intelligence on secured platforms,” said Columbus.

However, the question of data security still hangs in the air. What constitutes data security in the cloud? How can you be sure your cloud service provider delivers on the promise of security, even as it distributes resources across multiple tenants to help you cuts costs and increase your ROI?

In truth, data privacy goes beyond safe data transit over digital channels. A cloud services organization is full of people, and due to the nature of their jobs, many of them may have access to your data. In an ideal world, the vendor should be able to limit data access to meeting the operational needs of the service, and prohibit direct access to support staff. In other words, the customer should be in charge of granting access to data, if requested. Additionally, SLAs should exclude data sharing and/or monetizing clauses to ensure that the cloud provider is bound by privacy requirements. Unfortunately, very few cloud services vendors have made that possible.

One major land-mine to watch out for is data monetization by the service provider. Even though customers own their data, service providers design their privacy policies such that they could build a large data warehouse or data mart to share and monetize data analytics as a business intelligence service. Given the Big Data technology revolution, it’s quite possible for every cloud provider to aggregate data from all of their customers and offer analytics services around them. Customers have to be extra diligent in reviewing the privacy policies and their updated versions, to make sure that their data privacy rights aren’t violated.

Basic security plus a little extra

When you’re deciding on what cloud solution to deploy for any business-critical function, make sure that your provider has the following cloud security procedures and processes in place:

  • Application security, including the controls necessary to ensure all your business data remains fully secure
  • Access to the application must require user authentication and password protection
  • Role-based user access to limit access to specific modules within the application
  • Secure Sockets Layer (SSL) to ensure that all information sent between your computer and the cloud server is encrypted
  • Password encryption with configurable length, composition and expiration
  • Automatic timeouts for idle user sessions
  • Provision of separate database schema for individual customers

In addition to data and application security, network protection, disaster recovery, physical security and environmental controls should also be in place. Annual audits for SSAE 16 (formerly SAS 70) compliance ensure that proper controls and processes are in place to deliver on the service commitment and keep your data safe.

Yes, you can trust the cloud—if your cloud provider is trustworthy.

Suresh Kuppahally
ABOUT THE AUTHOR
Suresh Kuppahally
Suresh is the EVP of Engineering and Ops at Replicon. Replicon provides award-winning products that make it easy to manage your workforce. With complete solution sets for client billing, project costing, and time and attendance management, Replicon enables the capture, administration, and optimization of your most underutilized and important asset: time.
Get started today.
Set up a free trial based on your business needs. Start Free Trial

The Risky Business of Enabling a “Fake it Till You Make it” Culture

VCs cannot know the outcome of their investments, of course, but some have an agenda nonetheless - even if it means promoting a risky culture By Lakshmi Raj, Co-Founder and…Read More

How the Overtime Rule Affects Employee Benefit Plans

Some employers use benefit tiers for exempt and nonexempt staff By Stephen Miller, CEBS SHRM | October 08, 2019 Employers complying with the Department of Labor's final rule raising the…Read More

Make Time and Attendance Part Of Your Digital Transformation

TLNT | October 10, 2019 By Raj Narayanaswamy, Co-founder and co-CEO at Replicon Many businesses embarking on a payroll and HR transformation journey can easily get caught up in the…Read More

Consulting firms: 4 ways to improve billing & get paid on time

At the end of the day, your consulting firm relies on the assumption that a good percentage of clients will honor their payments promptly and accurately. In the professional services…Read More

5 ways to improve service delivery in your organization

In a highly competitive market, service-based businesses need to capitalize on any opportunity to set themselves apart from their (often very similar) competitors. While implementation, system details, and service management…Read More

Demystifying the millennial workforce: 5 tips from Trunk Club’s Andrew Anderson Devine

Time magazine labels the millennial generation the “most threatening and exciting generation,” infamous for “narcissism [and] its effect: entitlement.” In the workplace, the perception of the millennial workforce is no…Read More
  • Cloud
  • In The News
  • Corporate
  • Professional Services Management
  • Project and Program Management
  • Shared Services Management
  • Time and Attendance Management
  • Workforce Management
  • Customer Feature
  • Feature Update
  • Time Intelligence
  • Industry News
  • Webinar Recap
  • Global Compliance Updates
  • Chat with us
    How can we help you?