Companies sometimes fear using a cloud computing solution for security and or privacy issues. In February of 2011 the National Institute of Standards and Technology (NIST) issued two new draft documents on cloud computing.
These documents included guidelines for managing security and privacy issues involving cloud computing. Below are the four key guidelines recommended by NIST
• Carefully plan the security and privacy aspects of cloud computing solutions before engaging them.
• Understand the public cloud computing environment offered by the cloud provider and ensure that a cloud computing solution satisfies organizational security and privacy requirements.
• Ensure that the client-side computing environment meets organization security and privacy requirements for cloud computing.
• Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments. Choosing a vendor that uses the best security and privacy measures to deliver your messaging can be mission critical to your business.
When selecting a fax cloud provider, you will often hear about VPN, HTTPS and Secure FTP connectivity for passing your data back and forth, but there are other critical elements to examine.
Make sure the data centers they utilize can pass tight scrutiny; securing data within an application is only part of the challenge. Data within the applications must adhere to the strictest security policies. For example, who has access to your data, under what conditions would someone need to view your data and what reporting and event logging occurs when it is accessed.
In addition, make sure you examine the organizations change control and security policies. Most buyers merely accept the Service Level Agreement (SLA) as their foundation for the agreement, but the SLA is only as good as the policies the provider utilizes to secure your data.