Businesses today are increasingly turning to cloud computing solutions and accumulating data in the cloud at a staggering pace. Although cloud solutions have many advantages, they also present challenges. For example, cloud providers generally do not customize the cloud environment for any particular customer’s business needs given the multi-tenant nature of cloud solutions. In addition, complying with data privacy and cyber-security regulations in the cloud environment requires special consideration.
Prudent practices dictate that customers conduct due diligence on providers and the security of their solutions. Successful and compliant use of cloud computing requires businesses to fully evaluate the nature of the data to be placed in the cloud, the associated data privacy and cyber-security laws applicable to that data, and the structure and location of the cloud solution itself. This article describes five privacy and security-related questions that a general counsel should ask regarding cloud services.
