How safe is a cloud based archive?
You have invested money in employing the best IT administrators to ensure your environment is being taken care of.
Your administrator reassures you that your data is safe, and is accessible by your staff only through a bullet-proof directly login structure and file rights. This process is managed by your administrator who’ll fight tooth and nail to ensure the secure data and passwords are kept safe.
To help keep the outside world out of your data/intellectual property (IP), your administrator takes to task to implement a Gartner Leader Firewall with industry standard rules. they patches all his servers and then loads the best possible backup solution with antivirus to top it off for good measure.
Now that your network is safe and you’ve even encrypted client VPN access to the network, make sure you don’t have data leakage. The administrator’s boss is happy and company information is safe from the rest of the world.
Then the same super administrator reads about POPI, ECT and King III. Deciding that they need to comply, they start looking at the options to keep the data local on premise or in the cloud, and decide to send all the mail to the cloud.
E-mails move more information in and out of organisations than any other medium. When you archive your e-mail data, you basically make a copy of all the items ever sent and received in your e-mail system, and place it in a system able to recover items through e-discovery. When you decide to move this information to the cloud, you lose control over the data, and the data now gets looked after by the company you contract.
Now not only did you give a company in another country access to the most inner workings of your company, you also made it possible for them to sell that information to the highest bidder without your knowledge. Yes, the salesman said it will be safe and no one will ever be able to see your information (except the supplier’s staff and whoever broke into the system).
They also told you, you will get a 100% SLA: see more.
Now the Protection of Personal Information Act (POPI) states you are responsible for keeping the information safe and confidential. So who is responsible when the data is lost? Unfortunately, the buck stops with you, the e-mail owner.
Why would you go through all the effort to make a secure environment if you’re going to send it to the cloud, and why would you waste time and money on a local administrator when you can just get a wireless link to the Internet?
Take our survey and tell us what you think.