Can anyone access the data that you trust to the safekeeping of a cloud-computing vendor? It's a good question, made all the more relevant by the revelations regarding the National Security Agency's Prism program. So how can you best address these issues in your contract with your cloud vendor?
Stories by Thomas Trappler
When contracting for cloud-computing services, one challenge is that there may be more parties involved than your company and the cloud vendor. The vendor might outsource some of the services covered in the contract, or it could end up under different ownership after a merger or acquisition. On the client end, you might choose to work with a cloud broker. Because the introduction of third parties can increase risk, it's essential for potential cloud clients to identify third parties before adopting a cloud service, thoroughly understand their roles and ensure that their responsibilities are effectively addressed in the contract.