Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Does Storing Data In The Cloud Lead To Any Compliance Challenge?

DZone's Guide to

Does Storing Data In The Cloud Lead To Any Compliance Challenge?

Almost everyone is using cloud storage in some capacity. But is cloud-based data storage causing compliance issues? Find out.

· Cloud Zone
Free Resource

Deploy and scale data-rich applications in minutes and with ease. Mesosphere DC/OS includes everything you need to elastically run containerized apps and data services in production.

For the past many years now, cloud-based storage has moved back and forth between a replacement approach for current back-up storage fixes and a traditional economical however intricate real-time storage solution for online web systems and businesses. Much like the initial trend of virtualization, many companies are still yearning to chalk out whether the cloud storage really blends with their existing IT infrastructure goals.

Not like basic server virtualization, and perhaps more critical however, is the tenacity of queries whether cloud storage is first hand conforming to legal frameworks. Cloud storage brings with it an additional concern of challenge: Compliance.

Data transmission and storage may come under many provincial regulations involving the security and availability of personal data. For instance to agree to comply regulations in the United States and the Data Protection Directive in the European Union,  it is essential for firms to adhere to such data compliancy laws all through the life of the information provided. When data is saved in house, as it is with the conventional data center mock-up a firm has complete control over where the data is placed, type of format the data is stored, and who should be given access to such data. Including cloud storage changes that on-premise control model.

Storage and compliancy don’t have to overturn the business value of storing data in the cloud; there are alternatives available for companies to aid in data regulations with respect to the cloud. One relatively effortless resolution is to consider a third party cloud solutions provider that’s exclusively located within the same location as the company itself. In view of the fact that the data will be stored beyond location in the same layout as it would be if stored in-house, adhering to local regulations should be relatively uncomplicated. The company will need to guarantee that the local cloud provider is completely localized and not using geographically removed data centers for disaster recovery, for instance, however it’s a small price to pay if data privacy and compliancy are crucial to the business.

Storage and compliancy don’t have to overturn the business value of storing data in the cloud; there are alternatives available for companies to aid in data regulations with respect to the cloud. One relatively effortless resolution is to consider a cloud computing provider that’s exclusively located within the same location as the company itself. In view of the fact that the data will be stored beyond location in the same layout as it would be if stored in-house, adhering to local regulations should be relatively uncomplicated. The company will need to guarantee that the local cloud provider is completely localized and not using geographically removed data centers for disaster recovery, for instance, however it’s a small price to pay if data privacy and compliancy are crucial to the business.

There are also newer technologies that help businesses address data privacy laws with off-site cloud-based storage. Encryption for stored data and in transfer has long been a feasible security tool for maintaining privacy, and can persist to be so for cloud-based storage as long as the methods used to decrypt and access that data are kept within the firm’s control. It is ineffective to store encrypted data in the cloud if the keys used to decrypt that data are also saved in the cloud. By keeping encrypted data in the cloud and access to the data on-premise, firms may be able to maintain regulatory compliance in the cloud.

Another resolution that’s just being batted around for data privacy and cloud storage is masking the data in the cloud using some type of tokenization. Although the data stored in the cloud would be stored and in the clear, personal information – for instance a Social Security Number would be stored as reference values only. Like decryption keys, the token or key used to unselect the priority of the data stored in the cloud would need to be saved and only functional to the referenced data in-house. The resultant personal identification data would never be stored once it was de-referenced, but only utilized in protected transactional systems.

There’s no query that cloud storage opens up new business opportunities for firms in many different locations. Nevertheless there’s also no query that how these new technologies are utilized and where they are located is going to impact the decision on outsourcing data storage to the cloud. When data is moved beyond an firm’s technological and geographic borders, the company runs the risk of losing control of how that data complies with regulatory compliance. By addressing legal and regulatory challenges up obverse through technology, an organization can begin architecting an outside location; cloud-based storage solution that meets the business’s requirements as well as keeps regulatory compliance at cover.

Discover new technologies simplifying running containers and data services in production with this free eBook by O'Reilly. Courtesy of Mesosphere.

Topics:
cloud storage ,cloud

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}