Any business contemplating about moving to a cloud based solution such as a hosted desktop environment or infrastructure-as-a-service model needs to have a clear understanding of how their company data will be stored, managed and safeguarded – and must ensure they scrupulously do their homework into the cloud service provider they anticipate to use.
In most jurisdictions and countries it is now a legal requirement for companies to know where their data is being hosted, especially if you are in the public or government sector like my organisation. Last year, the Information Commissioner’s Office (or ICO) – The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals – stated that companies are accountable for where their data is held, even when using 3rd party vendors. This regulatory stance is also true in many other countries with their respective authorities, and in some cases it may be even more stringent and rigid with regards to physical location being one of the key factors.
Companies should look for trustworthy and credible providers. They should also seek references from other clients and look for security accreditations including ISO 9001, ISO 27001 as a minimum.