How can SMBs protect privacy when moving to cloud? Some ideas

How can SMBs protect privacy when moving to cloud? Some ideas

Summary: Almost 60 percent of small businesses responding to a Microsoft-sponsored survey about cloud computing said privacy policy will make or break a cloud purchasing decision.

SHARE:
TOPICS: SMBs, Cloud, Security
0

It stands to reason that Microsoft would be extremely interested in SMB opinions about cloud privacy, given its big push into the cloud with Office 365 and its associated services, like Lync Onine. 

That security and privacy would and will be a large part of cloud purchasing decisions is also pretty much a given. Whenever I write about this topic, it gets considerably more attention than other things. (An example here: "7 ways SMBs can make cloud storage and backup safer.")

But did you know that privacy policy is a make-or-break selection criteria for 59 percent of small businesses? 

That's according to a survey of 769 SMB decision makers conducted by Microsoft and security expert Ponemon Institute.

"SMBs are expressing their interest in data protection by using it as a way to evaluate potential cloud providers," said Brendon Lynch, chief privacy officer for Microsoft Trustworthy Computing. "This desire for transparency from our customers is one reason we created resources such as the Microsoft Office 365 Trust Center to clearly explain our cloud privacy, security and compliance commitment."

How can SMBs protect their privacy and the privacy of their business partners? 

The Microsoft research suggests that small businesses should do these three things:

  • Ask for proof of compliance with various privacy standards
  • Require them to fill out a self-assessment questionnaire that goes above and beyond the cloud provider's own service level agreements (SLAs)
  • Make sure privacy provisions are added, where necessary to SLAs and contracts

One way that an SMB can find out quickly if a cloud provider it is considering is using certain industry-accepted security and privacy practices is to check out whether or not it is listed in the Cloud Security Alliance's Security, Trust & Assurance Registry (STAR). You can also download a sample of the questionnaire suggested above that you can modify for your company's unique business purposes.

Related stories:

7 ways SMBs can make cloud storage and backup safer

 

Topics: SMBs, Cloud, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion