Data Protection versus Cloud Computing – Public Clouds
Since a fairly long time, two little words are on their way: Cloud Computing. Cloud Computing is a concept from IT-Management and has the aim – described easily – that the IT-domains will not be operated via the user anymore but rather via one or more service providers. The data and applications will not be found on the local computer or data processing service center but rather will be stored in the so-called Cloud.
The concept of Cloud Computing has the aim to present the liberty, to provide services from any place in the world. However, the liberty of these Clouds will be initially limited in Europe. Reason for that is the restrictive Data Protection regulation. In case of a Cloud-based processing of personal data outside the EU, the processing is not allowed according to the German Data Protection Act. That would mean that country-specific data monopoles can develop. Thus, the risk might increase, that a numerous countries can become the target of hackers.
The usage of Clouds is not without risks for companies as well. Especially sensitive data can trigger serious security concerns. Companies, which decide to use Cloud Computing, need to define clear access rights which will not be passed to someone else under no circumstances.
Not only because of the Data Protection concerns, many organizations nowadays evolve to a Private Cloud that offers the same cost benefits and flexibility as Public Clouds, but with less perceived risk and greater security and accountability. This idea is gaining increasing acceptance among large enterprises.