Eighty-eight percent of UK business leaders believe they are no longer responsible for data stored in the cloud, new research from Infrastructure-as-a-Service provider Iron Mountain shows.
Even though companies are responsible for the loss of their data under EU law, 76 per cent of the 1,275 managers questioned said any reported data losses would cause greater damage to their service provider than their own company's reputation.
Iron Mountain claims these attitudes risk leaving firms financially and operationally exposed if sensitive data is lost or compromised.
Christian Toon, head of information security for Iron Mountain Europe, said: “Cloud storage offers many benefits, but businesses need to do their research and choose carefully. They need to apply common sense to what data belongs in the cloud and what should be stored elsewhere.
“Most of all, they need to understand and accept full responsibility for their information, wherever it is kept.”
The company has prepared a seven-point checklist for companies to ensure they stay on the right side of the law:
- Find out exactly where their data will be stored, who has access to it
- Consider the physical and IT infrastructure of their provider’s data centre
- Ensure all the people who handle their information are well trained
- Look for evidence of business continuity planning
- Consider the size of what they are backing up – tape may still be better if data volumes are in excess of 20GB when it comes to recovering data
- Do not put all their eggs in one basket
- Safeguard sensitive information – cloud may not be the best option for the most sensitive data
