Cloud Computing, Data & Security
The cloud means different things to different people, and there are plenty of cloud computing myths that we can help to dispel.
When we advise customers of cloud solutions, we start by ensuring that we understand the primary drivers for going into the cloud. We can help you to achieve these goals and also to manage and mitigate some of the inherent risks.
With cloud solutions, one size does not fit all. Cloud computing requires a focus on your objectives. Common considerations include the following:
- have a clear vision: is your organisation ready to adapt? Cloud requires buy-in from leaders of affected business units and the C-Suite
- expectation alignment: ensure that you and the vendor are aligned on approach, responsibilities and the risk landscape
- be selective: the cloud has many benefits but it’s not always right for everything, such as sensitive data or applications over which you need greater control. Hybrid cloud models are likely to remain commonplace for some time
- cost certainty: cloud solutions aren’t always as low cost as might be perceived. ‘Pay as you go’ models may require minimum term commitments and so it is important to ask yourself what price protections you have both during the contract term and on renewal. Also, cloud solutions can give rise to unexpected costs because of unanticipated storage requirements so ensuring you have enough headroom under the fair usage policy is key
- deal with downtime: ensure your SLAs are focused and the remedies are meaningful and workable
- data security: this remains paramount. In an increasingly crowded marketplace, vendors are recognising that customers need more transparency and are turning security into a USP. While vendors will become directly accountable under GDPR, minimising the risk of any security breach (and associated PR issues) requires thorough due diligence by customers as a first step
We advise on all aspects of data protection and privacy for customer and vendors dealing with technology including cross border and intra group data transfers, data processing arrangements, cloud solutions, IoT technology, ISMS and general data protection audits on a UK and global basis, privacy impact assessments, cyber security and data breach management and data security by design. We can also help you to manage, investigate, resolve and recover from a crisis in the event of a data breach. Also see our Data & Privacy pages
Dr Nathalie Moreno comments in Digiday's "GDPR is coming, but nobody knows how it will be enforced" article03 October 2017
Dr Nathalie Moreno has been featured in the Digiday article "GDPR is coming, but nobody knows how it will be enforced"
Tech solution providers Getting Data Protection Ready27 July 2017
The General Data Protection Regulation (“GDPR”), takes effect from 25 May 2018, and brings about important privacy changes that will impact most businesses, particularly providers of technology, telecoms and data related platforms, solutions and services.
Heat Network Regulations – Data Centres17 July 2017
The Heat Network (Metering and Billing) Regulations 2014 (the “Regulations”) were introduced as part of the continued drive for better energy efficiency (and reduced emissions) around the European Union.
2017 report on UK cyber security breaches20 April 2017
Almost half of all UK businesses have experienced cyberattack in past 12 months.
Software apps and patent trolls: Should you be afraid?16 March 2012
For a very long time there has been a debate as to whether software is better protected by copyright or by patents. The State Street Bank case in 1998 (State Street Bank v. Signature Financial Group, 149 F.3d 1368) (Fed. Cir. 1998) opened the floodgates to software patents in the US and it is only recently (due to In re Bilski, 545 F.3d 943, 88 U.S.P.Q.2d 1385 (Fed. Cir. 2008) and some other cases) that the flow has moderated a little. Over the same period, many thousands of software patents have been granted in Europe