Fire and Security

Is user data safe in the cloud?

September 24, 2010: 3:00 AM ET

Thousands of websites and millions of pieces of private data are increasingly in one big cloud, where some of the old rules of data security are out the window.

Cloud Computing

Image by Kevin Krejci via Flickr

With the rise of cloud computing companies, and the ferocity with which tech's biggest companies are snatching those firms up, it's no secret that a good chunk of our user data is already stored in the cloud. Our emails, our documents, our social network profiles and hundreds of thousands of tiny startups already rely on cloud services like to be more productive and cost-effective. But one concern that remains constant is that of security. By off-loading more data to the cloud, are companies increasingly opening themselves and their users up to hacking, data loss, and privacy compromises?

What's at risk

Take the example of credit card data. Most of us don't think twice about saving account numbers and security codes into our online shopping profiles. The Payment Card Industry (or PCI) is a global information security standard established by a consortium including Visa Card, MasterCard, American Express and Discover, that places specific requirements on the operational infrastructure that handles high-risk data like credit card information. If an infrastructure doesn't conform to any and all PCI regulations, then it's not PCI compliant. And because cloud infrastructure is so vastly different than that what PCI was written for, most cloud service providers are in fact, not PCI compliant. More

Current Issue
  • Give the gift of Fortune
  • Get the Fortune app
  • Subscribe
Powered by VIP.