Cloud Security: Whose Responsibility Is It? Part 1

There are lots of advantages to cloud computing. Backing up important data makes it easily accessible to everyone in your company and frees up space on your servers. You almost certainly have several questions about cloud security and may be wondering if cloud security will protect your client’s data and comply with HIPAA, PCI or Sarbanes-Oxley regulations.

Is your cloud storage solution following these requirements? If they don’t indicate it in their privacy policies, it can be hard to tell. Let’s explore this further below.


Security has always been an important issue and as a growing number of companies utilize the cloud for storage solutions the question arises: How secure is the cloud? Storing information in the cloud can be very economical, yet the cost for poorly handling customer data can be extremely high. If your organization needs to comply with regulations like HIPAA, your main concern is what regulations do cloud services abide by.

Who is responsible

Who’s shoulders does the responsibility fall on? There is no law requiring that cloud service providers divulge the degree of security they maintain. While they probably do have a decent amount of safety protocols set up, the safest option is to take their privacy policy at face value. In this case, if you need to stay in compliance with HIPAA, PCI or Sarbanes-Oxley, cloud computing may not be for you. Having said that, if your industry does not require tight regulations, then you could take advantage of the benefits cloud-computing offers. 

Ultimately, as there is no current law that states that companies must divulge how tight their security is, the responsibility is in your hands. You must weigh the pros and cons of cloud storage to decide if it’s suitable for your business. 

Leave a comment!

You must be logged in to post a comment.