Hmm, does it really work that way? We’ve been hearing from customers lately about one of the 800 lbs. gorillas out there telling them that their data will be “indemnified” if they store it outside their firewall. Beyond the fact that it should give you pause that companies storing data in the cloud feel it necessary to indemnify your data, here are some of the concerns that keep customers coming back to an on-premises file sync and share. PRIVACY First, and perhaps most importantly, storing data off premises – encrypted, indemnified, whatever – exposes that data (AND passwords and other customer data) to the cloud provider, governments, law enforcement and even hackers. We’ve seen this again and again. Some even share unencrypted data with other companies! And to top it all off, once data is on those third-party servers, it stays there – deleting it from the user end does not delete it from the storage. Think about:
- “100,000 companies use Box… “ Do you really want your sensitive data co-mingled with 100,000 other companies…
- Single Sign-on solutions that are integrated with the company directory can only be achieved by sharing the passwords or password hashes. This could endanger other services of the company like email, ERP, CRM. If the cloud is hacked, more than the data stored might be compromised.
- Data is often encrypted at rest in the cloud, however you as the customer do not control the keys. Is access to the keys logged and audited? Is unauthorized access caught in time to prevent damage? Can you say with certainty that you know who is accessing these keys?