Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Patriot Act not a cloud computing threat: IDC

According to a new study from IDC, end users' concerns over foreign governments' access to cloud data, particularly data stored in the US, are misplaced. Many critics of cloud services say that the Patriot Act gives US government agencies unprecedented access to information stored in the cloud. This concern is often heightened because the vast majority of leading cloud vendors are US-based.

"Scare stories over the Patriot Act abound, but they are fallacious," said David Bradshaw, IDC research manager for European public cloud services. "The Patriot Act is nothing special, indeed data stored in the US is generally better protected than in most European countries, in particular the UK."

Almost all countries have similar legislation that gives the authorities a means to requisition data on cloud services — and stored anywhere in their jurisdiction — in order to investigate and prevent acts of terrorism. The issue is ensuring that these powers are used only when absolutely necessary.

The ‘gold standard’ is that government agencies are required to seek a court order for any access to data, and that cloud vendors are not allowed to give up customers' data without a court order, other than in truly exceptional circumstances such as imminent danger of loss of life. This is the case in the US, where all access to cloud data requires a court order.

However, most European countries are less stringent in their requirements. As a result, data stored in the US is arguably better protected with legal safeguards than data stored in most European countries. In particular, the UK has weaker legal controls, and this may become a barrier to organizations in other European countries adopting services that store data in the UK.

Users need to ignore the Patriot Act scare stories, says IDC. Most large organizations will already be using services, such as outsourcing, where their data is stored on a service vendor's system. Adopting cloud services brings nothing new to these customers; indeed with many cloud vendors storing data in the US, your data will arguably enjoy far more stringent protection.

For smaller organizations, cloud services should primarily be evaluated on the business value they bring to you. Data location is a far smaller consideration, and should not be a big concern for the vast majority of users.

The study, ‘Government Access to Cloud Data: Impact on Users, Vendors, and Markets’ (IDC #SP54U, October 2012), was written by David Bradshaw and is published on idc.com.

•Date: 24th Oct 2012 • World •Type: Article • Topic: Cloud computing

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here