Whom do I have to trust?
Cloud computing can provide a wide range of benefits to organisations, including cost savings, increased scalability and flexibility, better disaster recovery and business continuity, and access to advanced technologies and services. However, the adoption of cloud computing can also present challenges, particularly for companies operating in highly regulated industries such as banking, finance, healthcare, and insurance. One of the main challenges for these organisations is ensuring compliance with regulations related to personal data protection, while also ensuring the confidentiality and integrity of this data and staying competitive when using new technologies.
Banks, for example, rely on the trust of their clients, which is crucial for attracting and retaining business. Data theft can have financially but also reputationally devastating consequences for the attacked companies and for their customers who have placed their trust in a financial institution. This requires the protection of data in all its states – in transit, at rest, and in use. To help explain this, consider a data analytics platform. When data is sent to the provider, it's in transit. Once received, it's stored in a database or hard drive and is at rest. In the final stage of data processing, the data is in use when it is loaded onto the service providers' servers for computation. Encryption for data in transit (e.g. TLS) and at rest (e.g. disk encryption) is a common practice but the protecting of data in use is a newer and less developed area of security. As this is a potential vulnerability, it limits the use of cloud technology in dealing with sensitive data.