Skip to content


  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page

Dealing with cloud computing's data security issues

Economies of scale, flexibility, cost reduction – cloud computing advocates have made sure that we are familiar with these potential benefits. But doubters argue that none of these benefits will actually be available unless some fundamental security issues can be overcome.

Because cloud computing uses shared resources over the internet, organisations cannot simply recycle existing management processes and security measures. The fact that cloud users do not have a direct line of sight into the controls applied by a supplier makes cloud a different proposition from traditional outsourcing.

To get cloud computing right, organisations need to understand the data security issues they face and how to deal with them.

Cloud users may not know the geographical location of their data, and indeed data may be stored in more than one country – this would therefore have an impact on regulations and confidentiality agreements. There is also a concern around who has access to the data, and finally, how data is segregated between clients in a multi-tenancy environment. To alleviate these issues, users must:

  • negotiate precise contractual terms with the provider

  • implement compensating controls where possible

  • gain assurance that their specific requirements are going to be met. 

As well as tackling cloud-specific issues, it is essential to comprehend the wider issues affecting people and processes involved by:

  • understanding that you can’t outsource your responsibility for ownership of the data

  • planning the exit process early on so that you can safely switch providers or take activities and data back in house

  • putting in place appropriate ways of working to manage the relationship throughout the lifecycle, with regular independent reviews

  • recruiting and retaining reliable individuals and educating them about their continuing responsibility for data.

There is nothing inherently unsafe about cloud computing. In fact, some specialist infrastructure providers have introduced security techniques that are not found anywhere else. Get cloud right, and it could actually be more secure than traditional computing.

To receive our full length paper on data security in the cloud or to speak to a PA Consulting Group expert, please contact us now.

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.