InfoLawGroup LLP

View Original

Lessons Being Learned about Cloud Computing

Dave and I recently spoke with Nymity regarding privacy and data security issues in cloud computing deals.  You can read the interview here.  We addressed a number of questions, including: 

  • What makes cloud computing different from computing in-house or "normal" IT outsourcing?
     
  • What are the key benefits?
     
  • What are the key risks?
     
  • Should in-house lawyers and compliance, privacy and security officers be concerned?
     
  • What do in-house lawyers and compliance, privacy and security officers look for to identify cloud computing activities?
     
  • How do in-house lawyers and compliance, privacy and security officers quickly understand the new risks and implement controls to reduce these risks?
     
  • What can in-house lawyers and compliance, privacy and security officers do to educate executive management?
     
  • What does it look like when a company does a great job selecting a cloud vendor?  What do they do up front before beginning the due diligence process?  What do they do during the due diligence and contract negotiation processes?  What risks do they mitigate?  What controls do they put into place?
     
  • What are important compliance, security and privacy elements for cloud contracts?

You can find some of our thoughts on these questions and more here.