On Halloween, Google informed its users of Google G Suite that “this morning we made code that incorrectly prevented a small percentage of Google documents from being offensive, which caused these documents to be automatically blocked. The fix is fixed, and all users should have full access to their documents.” Read More: Cloud Pricing Comparison: AWS vs. Microsoft Azure vs. Google Cloud vs. IBM Cloud
Your Corporate Data in Google Hands. Are You Okay?
This misfire reminded everyone that cloud providers have access to all of your data. Many people feared that Google was scanning user documents in real time to determine whether they were evil or somehow bad. You really agree with such supervision in the conditions of service Google G Suite.
These terms include provisions on personal behavior and copyright protection, as well as compliance with “policy policies”. Who knows what made the program, which tests abuse and other violations of the terms of the G Suite, go awry. But I did something.
And not only Google has such conditions. Most likely, you or your employees have signed similar conditions in many agreements that people accept without reading.
A big concern for businesses this week was not blocked from Google Docs for a while, but the fact that Google was scanning documents and other files. Despite the fact that this is outlined in terms of service, it is inconvenient Big Brother-ish, and raises new questions about how confidential and protected corporate information is really in the cloud.
So, do SaaS, IaaS and PaaS providers provide their data to view your data? If you read your privacy policies (like me), then the good news is that most of them are not like. But did you really read them to find out who, like Google, has the right to scan and act on your data? Most enterprises carry out a good legal expertise for agreements at the enterprise level, but most of the use of cloud services is performed by individuals or departments that do not receive such IT information or legal expertise.
Enterprises need to take the initiative in getting acquainted with the conditions of servicing the cloud services used in their company, including for private individuals and agencies. After all, it’s your data, and you need to know how they are used and can be used.
As a rule, these conditions are not subject to discussion, therefore you should be ready to block the providers of cloud computing, whose terms are unacceptable and provide users with an alternative. But cloud providers may want to rewrite part of their terms of service on confidentiality issues, if your business is large enough, so ask!
Perhaps the most frightening part of this is that you usually do not have the ability to check a public cloud to determine if they are checking your data or not, regardless of whether they provide them with the terms of service. In the end, it comes down to trust. But you must at least know what your providers can do, so you can decide who to trust.