• Join our Communities!

  • Twitter Updates

    Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • Disclaimer:

    The information in this weblog is provided "AS IS" with no warranties, and confers no rights. The opinions and interests expressed on this employee blog are the employees' own and don't necessarily represent EMC's positions, strategies or views. Inappropriate comments will be deleted at the authors discretion.

Do Cloud Providers Create More Risk?

Bryant Bell, eDiscovery Expert, EMC Information Intelligence Group

Bryant Bell, eDiscovery Expert, EMC Information Intelligence Group

One of the questions that I get asked a lot, especially since I work at EMC is,

“Hey, how does eDiscovery help customers in their ‘Journey to the Cloud’?” I think about this and I don’t believe that you can use eDiscovery technology to Journey to the Cloud. In fact, from a legal stand point the cloud creates more corporate risk for ESI (electronically stored information) that may be subject to a regulatory or litigation matter. This is because once a company decides to make that “Journey” they really don’t know where their information goes and lives. It gets thrown into that powerful dispersed infrastructure of servers here, servers there, servers everywhere. But the customer who owns the ESI is left scratching his head when he gets that inevitable call from the SEC to produce documents and he finds out he doesn’t have rights to discover against his cloud provider’s ubiquitous network.

Now it is inevitable that companies will move to the cloud because storage is cheap, but infrastructure is not. IT budgets are driving centralization, virtualization and migration of ESI to the cloud. This is just a reality. So what can you do to protect yourself? Well in a recent blog by Greg Buckles for the eDiscovery Journal, “eDiscovery in the Cloud – Who Owns Your ESI?”, he lays out several consideration a company should take into account when moving data into the cloud. One topic I want to highlight in this blog is his recommendation for Safe Harbor.

Your cloud provider should be thinking about these three things concerning your ESI, care, custody and control. The best way you can ensure that your data is managed correctly in the cloud is to find a cloud provider that has joined the U.S. – EU Safe Harbor. This is the European Commission’s Directive on Data Protection that went into effect in October of 1998, and would prohibit the transfer of personal data to non-European Union countries that do not meet the European Union (EU) “adequacy” standard for privacy protection.

At a minimum, this is a good first step. It will ensure that your cloud provider is at least aware of the privacy issues that surround ESI.

Advertisements

One Response

  1. […] Do Cloud Providers Create More Risk? (emcsourceoneinsider.wordpress.com) […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: