cloud security Archives

Moving Your Corporate Data to the Cloud: Top 13 Things to Think About as you Review Your Hosting Agreement — Judy Selby Consulting

May 6th, 2019|Categories: HB Risk Notes|Tags: client data, client privacy, cloud data, cloud security, corporate data, data liability, data security, judy selby consulting, liability, private data, selby, tech law|

Some data migration risks can be mitigated at the cloud contract stage, Allison Bird, Judy Selby’s partner at Clearview Privacy Consulting LLC, explains. Regarding indemnification, Bird says, "If data is lost or exposed by the hosting company, your company as well as any affiliates who use the services will be subject to suits from clients and individuals whose data was impacted. You may also be subject to regulatory scrutiny which could result in legal costs and regulatory penalties. To the extent possible, negotiate a full indemnification of third party claims arising out of the hosting services." She says the limitation of liability section of your hosting agreement "may be the single most important" part. "Your hosting company may make a lot of promises in the agreement. However, if their liability under the agreement is significantly capped, you won’t receive the monetary compensation necessary to make up for hosting [...]

The Cloud: Selected Benefits, Risks, and Insurance Coverage Issues (Part 1) — Barnes & Thornburg

Cloud Risk: Do You Transfer Liability Along with Data? Many of us were using data clouds before we even knew what they were. Now, while most of us are comfortable with the concept, we may not be comfortable knowing who is liable when data is lost, damaged or breached. It's not a given that your cloud provider absorbs any liabilities, and it's not a given they can even afford the liability should it arise. Below are quotes from an article by Scott Godes, Kara Cleary, and Heidi Fessler of Barnes & Thornburg LLP on the subject, and a link to their complete article. Godes, Cleary, and Fessler list several cloud-related risks: data breaches, data loss, interruption of access, compromised credentials and broken authentication, and denial of service. But two other categories for concern are: #1. BYOC, or Bring Your Own Cloud. Employees may be innocently using [...]