Cloud Security: Whose Responsibility Is It? Part 1

Cloud Security: Whose Responsibility Is It? Part 1

The advantages of cloud computing are clear. Not only can you free up needed space on your servers and computers, you are able to backup valuable data and easily share it within your company. But when you are considering data sharing and storage for your business, you may have some concerns about cloud security, particularly if your business requires you to protect consumer data in a way that is compliant with HIPAA, PCI or Sarbanes-Oxley regulations.

Is your cloud storage solution following these requirements? If they don’t specify it in their privacy policies, it can be hard to tell. Let’s explore this further below.


Cloud security has become an important issue recently, as increasing numbers of companies turn to online storage solutions, trying to find greater simplicity, scalability and affordability. However the price in both money and reputation for poor handling of customer data can be quite high indeed. If your organization should comply to key regulations associated with patient privacy (HIPAA), credit card security (PCI) or the finance-sector strictures of Sarbanes-Oxley, it can be hard to find out if a service complies with these important restrictions.

Who is responsible

Who’s shoulders does the responsibility fall on? There is no law requiring that cloud service providers reveal the level of security they maintain. While they probably do have a respectable amount of safety protocols in place, the safest option is to take their privacy policy at face value. In this case, if you need to stay in compliance with HIPAA, PCI or Sarbanes-Oxley, cloud computing might not be for you. That said, if your industry does not require tight regulations, then you might take advantage of the benefits cloud-computing offers. 

In the end, as cloud computing service providers are not required by law to be transparent regarding their security, the responsibility rests in your hands. If you choose to use the cloud, it’s your responsibility to choose a service provider you trust. Weigh the advantages and disadvantages and make the best decision for your business.