The final part of this article looks at how and where data is stored or handled and the issues that arise in cloud computing by the time of action of creating multiple instances of data across multiple server platforms. Cloud computing relies on this mechanism for many of its meaningful benefits but, by doing so, invites further challenges for data security.
Data collection and storage is usually bound by legislation or regulation which varies depending on the jurisdiction under which a service falls. Most noticeable regulations, however (e.g., those in the US and Europe) proportion certain principles in shared that need, for example, that data is collected with the subject’s permission, with their complete understanding of what the data will be used for, only if the data is applicable to the stated purpose, only for that stated purpose, with transparency and with accountability. For the subject of the data this should average that they consent to the service provider collecting data relating to them, they know what data that is, who has access to it and why, in addition as how to access it themselves if they want to.
It is consequently paramount for IT service providers, who have stewardship of any data, that they are able to clarify where data is stored within those sets that they provide, how to access it and whether it is obtain. However, the abstraction of cloud sets in particular can cause challenges for those who utilise them to store or course of action data because they cannot necessarily guarantee where this data is at any given time. The physical location and guardianship can be obscured, with data hosting sometimes crossing different sites, geographical boundaries and already jurisdictions.
In such situations where private information is involved, the answer often lies with private clouds employing on-site hosting as mentioned in earlier parts of this article, but there is often a trade off with some of the other benefits of cloud which are discussed below.
Multiple Data Instances
Two of cloud computing’s biggest selling points are that of redundancy and scalability. These are often achieved by utilising multiple servers to provide the inner computing resource, with, consequently, the data within a cloud service being ultimately stored across these numerous servers. additionally, cloud structures will also create multiple instances of data across these servers to provide a further inner of redundancy protection. However, the more servers that data is shared across, the greater the risk that this data may be prone to security vulnerabilities on one of those servers (e.g., malware, hacks); whilst the more instances there are of a piece of data, the greater the risk (by definition) that that data may be accessed and used by unauthorised users. Essentially, data in one place needs to be protected once, data stored in a 100 places, will need to be protected 100 times.
What’s more, as each server and platform is likely to be shared, particularly in the public cloud form, each data example may be unprotected to another security threat introduced, inadvertently or otherwise by the 3rd party users who proportion the resources. In a private cloud, however, this threat is reduced as the cloud resource exists behind the one organisation’s firewall and fewer instances of the data are produced in the first place (fewer servers to pool). consequently there is always a degree of trade off between introducing security risk and the level of redundancy and scalability built into a system (although of course redundancy can prevent data loss in itself). Private clouds may be more obtain but with smaller pool of resource they cannot match the levels of redundancy and scalability offered by the great capacities of public clouds.