Cloud File Storage and Client Confidentiality

Cloud computing is helping H. M. Pharma Consultancy. It's also taking a slight toll on our resources because we keep getting questions about whether the client-confidential data we keep or generate really are, well, secure.
Recently the no-hassles file backup and synchronization service Dropbox modified its terms of use, and a discussion erupted that went all emotional and bitter. Much of it revolved around the fact that, in the course of legal proceedings (“including but not limited to, a subpoena”), Dropbox would have to hand over customer files to the party demanding them, including the (U.S.) government.
Well, that’s a totally moot point. Not that I trust my dear competitors, opponents, or – least of all – any government; it's a fact of life that governments all across the globe steal from their citizens, coerce them, and they also spy on them. (Of course, it's all within the legal framework governments create for themselves, so the politically correct terms are: taxation, leadership, and watchful awareness.) But then, adult individuals with full command of their mental faculties have to be aware of that; and for businesses with confidential data it should be the Primary Directive (as in Star Trek) anyway — online, offline, wherever.
This is what I posted today in the discussion thread on the Dropbox blog:
Well, I haven’t had time to read all 105 comments and maybe something like this has been said before, but here is my position – not only with respect to Dropbox, but to any cloud storage service: If you want to be reasonably sure that your data are not accessed by governments or service employees, don’t upload them anywhere without state-of-the-art encryption. If you want to be as sure as you can get in a world of hackers, don’t upload anything anywhere. IMHO, cloud storage of any flavor is for uncritical files. That's it, period. -HM
At H.M. Pharma Consultancy we upload client-confidential data only after local encryption, using systems and keys that are either restricted to our office machines (with primary passwords not stored on any machine), or are shared with our customers through some offline method. And then of course there are things that will never go on an external server no matter what. In this way we do cloud file storage and exchange, and we love it!