Much has been made about the privacy, confidentiality and security of emails and data stored, delivered and accessed in the cloud. From celebrity photo hacking through Apple iCloud, the online theft of customer email addresses from Dropbox, Edward Snowden’s revelations about Governments spying on foreign leaders and their own citizens, and Google scanning email accounts in order to target advertising - the confusion and relevance of just how safe cloud is, has been recently highlighted in the mainstream media.
Cloud technology may have had a slow but steady rise to prominence, however the countless benefits of cloud have verified its position as the modus for the future. The privacy and security of organisations’ data still remains one of the biggest concerns about cloud. With the collection and dissemination of emails, information and data in the cloud growing exponentially, it is vital to focus on the correlation between businesses’ expectations of privacy and the issues that surround them.
Businesses that utilise cloud technology to deliver their emails should be assured that their cloud vendor is compliant and transparent with regard to ensuring the protection of client data.
One side of the argument is that with such a digitally over sharing world (i.e. social media where we create our own accounts or utilising free email hosting), we should expect it comes at the price of our privacy, confidentiality and security. When discussing the areas of social media, mobile phones and online databases, Private Investigator Steve Rambam famously expressed the opinion that "Privacy is dead- get over it." Yet would Rambam have had such a lax attitude if his personal information contained in emails was used without his permission, or it was used to steal his whole identity? The hard truth - this does happen.
On the other hand, while we are happy to share certain aspects of our lives online, nobody wants to feel like they are living in an "Orwellian" world. In the essay The Value of Privacy, Bruce Schneier discusses the importance of privacy and how it protects us from abuse by those in power. "Privacy is important because, without it, surveillance information will be abused: to peep, to sell to marketers and to spy on political enemies - whoever they happen to be at the time."
As you can see privacy is proving to be a hotly contested issue, and rightly so. With emails being the telegrams or physical letters of our generation, the right for your data to be kept private, confidential and secure is a matter of our basic human rights. The high level of sensitive data that is transmitted online deserves an incredibly high level of consideration.
Email is still the number one form of communication for businesses and business transactions. Personal information such as banking details, addresses, telephone numbers and photographs are all examples of information that can confirm someone's personal identity and is quite often contained within an email. Confidential business documents such as contracts, legal documents and personal health records are also passed on from one recipient to another via email. The thought of anyone having access to this level of information as well as knowing what they can do with it, is something that we should all be concerned about. It is vital that businesses, organisations or individuals that deal with any of the before mentioned content, have to think smarter and safer.
This all starts with the right cloud vendor who shares the same concerns. Some of these concerns include whether emails can be stored or read without consent, and the fact that some email hosting providers may allow for data to be scanned, collected and used for data mining. Improper or non-existent disclosure of these issues can also be of concern to businesses.
If you are unsure of what you need to look for when it comes to a cloud vendor that will give you complete peace of mind, rate your current cloud vendor or potential cloud vendors on these important factors.
Does your vendor have a Privacy Agreement and Service Level Agreement in place?
Privacy agreements should be in place with your service provider. This will help safeguard your privacy and outline the responsibilities required in the service level agreement (SLA). SLAs should define in clear and measurable terms the process that is to be followed by both parties. This is done so your company responsibilities and those of your vendor, are made clear from the very beginning.
MailGuard believes that the protection of our customers’ business shouldn't come through the sacrifice of their privacy and security. This is why MailGuard adheres to strict enterprise-grade SLAs.
What Will Your Security And Data Protection Look Like?
When looking for a cloud provider, you must consider how your data will be stored and secured. This should be clearly outlined, with governance and security measures put in place to protect your data. Make sure you read any fine print, as some organisations may collect your information to pass on to the highest bidder.
MailGuard has access restricted, sophisticated and reliable infrastructure in place to meet all security and data protection requirements. MailGuard never collects your information through email filtering processes, we only scan for malware, scams and spam- nothing else. MailGuard supports end-to-end email encryption and utilises TLS encryption of SMTP sessions to and from organisations with TLS supporting mail services. All network communication within the MailGuard network is mandatorily secured with either IPSEC or TLS encryption so your information is always kept private and secure.
Are Legislation And Regulatory Requirements Being Met?
Global legislation in regards to online data storage and privacy still remains a legal minefield, so it is important for you to confirm that your vendor is honest about how your data will be stored, and that it is compliant with the most up to date legislation and regulatory requirements.
MailGuard complies with Australian privacy laws.
While individuals have control over the information they share over the internet or via email, it is the vendor who is required to be transparent with their clients about who has access to their data and the security measures put in place to protect their data. Customers should also feel empowered to ask questions and judge their cloud vendor's response to security concerns. If your concerns don't match those of your vendor, it is time to look elsewhere for better service.
How does your vendor stack up? If your concerns aren't their top priority, it’s time to switch. Need more reasons? Take a look at Breaking Up With Your Cloud Provider- What To Do When The Honeymoon Is Over.