Privacy guide to cloud computing

February 20th, 2013 at 4:00 pm by David Farrar

The has published a guide for users of cloud computing. It’s a very useful resource.

Their checklist for small business is:

  1. Figure out which cloud services will work for you and what your current risk level is
  2. Know what information you’ll be sending to the cloud
  3. Recognise that the responsibility is ultimately yours
  4. Security – lock it down
  5. Check out your provider
  6. Know exactly what you’re signing up for
  7. Be as up front with your clients as you can
  8. Location – where will the information be?
  9.  Use and disclosure – who sees the information and what will it be used for
  10. Ability to exit, and deleting information

I just wish data caps were higher so I could backup my stuff to the cloud in real time.

4 Responses to “Privacy guide to cloud computing”

  1. barry (1,233 comments) says:

    Oh – more stuff that sounds similar to the stupidity of the coroners pronouncements.

    Why cant we just be told – “there are risks involved in using cloud storage. It maybe subject to the juristiction of other states. You will need to be aware that there maybe privacy issues if you use cloud storage – not the least being that the USA may have the site closed and you will lose access to the files”

    And let people run the normal risks of doing business.

    Vote: Thumb up 2 Thumb down 0 You need to be logged in to vote
  2. Jim (601 comments) says:

    Nothing in there resembles the coroners pontifications.

    It appears to be useful points worth considering and not based on posturing or politics. Fair advice for the uninitiated. Nice that they mention “Recognise that the responsibility is ultimately yours”. If only the rest of govt would take a similar position.

    Also this has a huge overlap with information security generally. You don’t need cloud to fuck up in this area. Just ask WINZ, or anyone still using Rails.

    I wonder though: how is this supposed to find its way into the reading list of its target audience?

    Vote: Thumb up 0 Thumb down 0 You need to be logged in to vote
  3. davidp (3,864 comments) says:

    One section reads: “It’s vital to maintain your relationship with the people whose information you hold. They have entrusted you with their personal information. You need to be able to assure them that it’s being looked after. If you let them down, you’ll lose their trust – and quite probably their business.”

    She should add that you might lose their business, unless you’re government where you can run a slack approach to IT security and privacy and people have no choice but to keep dealing with you.

    Vote: Thumb up 0 Thumb down 0 You need to be logged in to vote
  4. Fletch (8,996 comments) says:

    Link to a very good site that lets you manage all your cloud sites from one place for FREE –

    Vote: Thumb up 0 Thumb down 0 You need to be logged in to vote