Managing data securely involves many things, but one element that suppliers make quite a song and dance about is the fact that they encrypt your documents/data, making it “100% secure.” But things are not quite that simple, and you need to ask some more probing questions before taking that sort of claim at face value.
- Are my documents encrypted whilst “at rest” in your system?
- Are my documents encrypted whilst “in transit” to your system?
Check out the May 2011 draft standards:
Recently, NIST published their Draft Cloud Computing Synopsis and Recommendations (May 12, 2011). It is a must-read for anyone contemplating cloud computing, or as attorney Craig Ball laid it out, contemplating “three on-demand service models delivered via a network.”
Also refer to the other cloud posts on our blog: