More By This Author

Current Issue

Current Issue

Posted: April 23, 2013

The dangers of the cloud

Do you know where your data is?

Cindy Wolf

The rise of cloud computing hasn’t stopped even though the vast majority of the public has no idea what the cloud is. Even half of company IT security practitioners don’t know what happens to the data in their company’s cloud implementations.

Three recent surveys have highlighted the confusion, ignorance and surprise: dangers of cloud computing. First, confusion: Wakefield Research revealed that a majority of cloud users don’t know what the cloud is or that they are even using it (when 95 percent of them are), but that they fake it in conversations at work and even on dates. And it’s okay to fake it because 56 percent also think that whoever they are talking to doesn’t know what it is either. Hint: it’s not related to weather.

Next, Symantec did an even larger survey of cloud users at all sizes of companies. They found that 75 percent of companies have “rogue cloud” implementations, where some part of the organization has put sensitive information into the cloud without company oversight. Their experiences are frightening:

  • 40 percent had their confidential information disclosed;
  • 40 percent lost data in the cloud;
  • 68 percent could not recover the lost data in the cloud from backups;
  • 20 percent of those who did recover the data still had to live without it for over 3 days;
  • 23 percent have been fined for privacy violations;
  • 33 percent had eDiscovery (litigation or law enforcement) requests for data in the cloud;
  • 66 percent missed their eDiscovery deadlines incurring fines and impairing their legal position; and
  • 41 percent were never able to find the data required for eDiscovery


A survey by Ponemon Institute focused on cloud security. It found that only 50 percent of companies (70 percent of them with over 5000 employees) did security reviews of their cloud solutions prior to implementation. Consequently, only 53 percent of the companies felt confident about the security of their data in the cloud – a slightly higher amount that doesn’t correlate to actual knowledge.

Why is this? The Ponemon survey clarified that responsibility for security was spread across multiple groups: the company’s IT organization, the company’s end users, the company’s IT security team and the cloud provider. The fingers can point in all directions and don’t land anywhere. And as the other studies pointed out: end users are clueless and the consequences of letting them make cloud decisions are downright scary.

 Cindy Wolf is a Colorado lawyer with more than 25 years experience representing large and small domestic and multinational companies. Her expertise is in corporate law and commercial contracting, with an emphasis on international issues, technology licensing and the Internet. She can be reached at  or visit her blog at

This publication is provided for informational purposes only. It does not constitute legal advice. There is no implicit guarantee that this information is correct, complete, or up to date. This publication is not intended to and does not create an attorney-client relationship between you and the author.

Enjoy this article? Sign up to get ColoradoBiz Exclusives. The opinions expressed in this article are solely that of the author and do not represent ColoradoBiz magazine. Comments on articles will be removed if they include personal attacks.

Readers Respond

Leave a comment

Remember my personal information

Notify me of follow-up comments?

Please enter the word you see in the image below:

ColoradoBiz TV

Loading the player ...

Featured Video