It stands to reason that Microsoft would be extremely interested in SMB opinions about cloud privacy, given its big push into the cloud with Office 365 and its associated services, like Lync Onine.
That security and privacy would and will be a large part of cloud purchasing decisions is also pretty much a given. Whenever I write about this topic, it gets considerably more attention than other things. (An example here: "7 ways SMBs can make cloud storage and backup safer.")
That's according to a survey of 769 SMB decision makers conducted by Microsoft and security expert Ponemon Institute.
"SMBs are expressing their interest in data protection by using it as a way to evaluate potential cloud providers," said Brendon Lynch, chief privacy officer for Microsoft Trustworthy Computing. "This desire for transparency from our customers is one reason we created resources such as the Microsoft Office 365 Trust Center to clearly explain our cloud privacy, security and compliance commitment."
How can SMBs protect their privacy and the privacy of their business partners?
The Microsoft research suggests that small businesses should do these three things:
- Ask for proof of compliance with various privacy standards
- Require them to fill out a self-assessment questionnaire that goes above and beyond the cloud provider's own service level agreements (SLAs)
- Make sure privacy provisions are added, where necessary to SLAs and contracts
One way that an SMB can find out quickly if a cloud provider it is considering is using certain industry-accepted security and privacy practices is to check out whether or not it is listed in the Cloud Security Alliance's Security, Trust & Assurance Registry (STAR). You can also download a sample of the questionnaire suggested above that you can modify for your company's unique business purposes.