Best practice for using cloud computing in Europe 2013

Introduction

Organisations are now using the cloud for processing and storage; petabytes of data is being indiscriminately stored in the cloud without the appropriate protection.
This article (part one) will focus on the first four principles of good information handling. These principles will cover the obligations on organisations for processing and storing data. This is a two part article.
The eight data protection principles summarise the requirements which need to be achieved for good data handling to conform to the Data Protection Act. Although these principles are not specific to the cloud, any organisation using, processing or storing personal information in the cloud are required by European law to abide by these as well.
Information security in the cloud is an issue of public concern as well as technical compliance. If personal data in the cloud is not appropriately safeguarded, the organisations repute and success is at risk and numerous individuals’ safety could be compromised.
When cloud computing is utilised it involves three main groups, they are the cloud service provider, the cloud customer (the organisation opting to use the cloud service) and the cloud user (the end user of the service). It is important that both the cloud service provider as well as the cloud customer have a good knowledge of the eight principles of good data handling and conform to them.
The eight data protection principles for good data handling are:
  1. Processing personal data fairly and lawfully
  2. Processing personal data for specified purposes
  3. Information standards
  4. The rights of individuals
  5. Information security
  6. Sending personal data outside the European Economic Area
  7. The conditions fofor processing
  8. Exemptions

Author: Ricky M. Magalhaes
Source and full article:
http://www.windowsecurity.com/articles/Best-practice-using-cloud-computing-Europe-2013-Part1.html

0 yorum: