Cloud Computing and Critical Data : Handling the situation

In one previous article, we have written about the risks with using free Public Cloud Computing services. In that article, we mentioned about Private Cloud Computing, which offers a more secured environment than the free one.

But, we need to think when a department is dealing with critical data.

 

How we can define the term ‘Critical Data’ in the Cloud Computing scenario ?

 

Basically the definition of Critical Data remains almost the same in Cloud Computing as it is in traditional computing. Health, Defense, Law – these sectors deal with > 80% critical and sensitive data. Now the risk seems bigger than the misuse or theft of proprietary data.

 

Departments with Critical Data and their planing to shift or use the Cloud Computing platform

 

Defense or some special areas and Institutions (like NASA) can use their own Cloud Computing platform. Simply, they do not need to think about the funding for own cloud computing platform that much as a small to medium size Health Sector will think. These medium sectors will use third party delivered cloud computing services.

Even with traditional computing, defense in many Countries, destroys the hard disk physically. There are ways for the hackers to retrieve it.

Critical data in Health Sector has more problems. Data can never be deleted forever. As sectors dealing with critical data are gradually using more and more Cloud Computing services, knowingly or unknowingly, these sectors should be more conscious about the privacy issues of Cloud Computing.

So, here are some tips for the personnels working in sectors dealing with the Critical Data on Cloud Computing platform :

• Never use the same password for all the employees where cloud computing is deployed and requires authentication.
• Extra layer of security, by biometric authentication technology may be employed to secured the systems which actually has direct read and write access through cloud computing platform.
• If an employee’s terms of service ends, who had the access to the core data either via any application running on cloud computing platform or cloud storage; the account must be deleted.
• It is very important to know about the company who is providing the cloud computing service, their reputation and experience with cloud computing.
• It should be understood well : Company A, who provides good cloud computing services to a general IT sector, might not be able to provide the needed security for Health. It needs a specialized understanding, which is making the implementation of cloud computing more tough in Health sector.