1.

One of my organization’s highest concerns is its data and information privacy. Most of the employees share a similar concern. How does cloud computing deal with it?

Answer»

In general terms, data and information privacy is the right to control how your data and information are managed across their entire lifecycle: when acquired, maintained, used, published, transferred, stored, archived and disposed of.

Although privacy looks quite similar to data and information security, and the two definitions often overlap, there is a major difference to keep in mind.

Privacy centres on how data and information are used and governed through policies, laws and regulations. Security, by contrast, focuses primarily on how data and information are protected from threats and vulnerabilities. Consequently, security alone is not adequate to deal with privacy.

What you can do is collect as much information as you can from the cloud provider on:

  1. Processes

How your data and information are processed in the cloud, including but not limited to where the provider is from, its head office and in-country office, storage media, storage/server location, and backup media and their location.

  2. Control

How they enable users to have proper control over their data and information across their lifecycle.

What are the controls – administrative, technical and physical – that the provider deploys, such as policies, procedures, mechanisms and standards related to data and information privacy?

  3. Guarantee

How they assure that our data and information are appropriately managed, and the compensation they bring to the table if privacy is breached.

  4. Responsible Party

The entity that is responsible for ensuring compliance with a given standard, applicable laws and regulations, and regulatory requirements.

  5. Third-Party

Whether any subcontractor is involved in providing products and services to the cloud provider, and to what extent this vendor is involved in processing your data and information.

  6. Standard and Framework

The standards and frameworks on data and information privacy that the provider follows and complies with. You also need to know and understand their implications for your data and information privacy.

  7. Law and Regulation

The laws and regulations on data and information privacy that the provider complies with. Be aware of similar laws and regulations your country may have, and be acquainted with their implications and consequences.

  8. Cross-Border

Identify how the provider deals with cross-border data transfer if we store and process our data at multiple sites across several geographical locations in a large number of countries.


