Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

When your data's in the cloud, is it still your data?

Thomas J. Trappler | Jan. 18, 2012
When your data resides on a cloud provider's infrastructure, your ownership rights could be compromised.

* Define how long after termination of the contract your data will remain accessible.

* Quantify the cost to you (ideally none) to export your data.

Some vendors have begun to embrace these ideas. For example, see Google's Data Liberation Front efforts and Microsoft's Office 365 commitments regarding Data Portability.

Other access issues

When codifying your rights to access your data, be sure to consider emergency situations. For example, e-discovery obligations to preserve, collect and produce data for litigation-related discovery actions can be more difficult to comply with when your data is in the cloud, because you do not have direct control. Yet your failure to produce pertinent data in a timely manner can result in significant fines. This risk can be mitigated by contractually requiring the cloud provider to establish mechanisms by which you can retrieve your data within a specified time frame.

Finally, the contract should obligate the provider to destroy your data after termination of the contract and should specify the manner in which this should be done, the time frame for doing so, the need for the cloud provider to produce certification of destruction, and your right to audit.

 

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.