Is cloud and data privacy an issue for SMEs?

Is cloud and data privacy an issue for SMEs?

I was reminded this week of an old marketing adage that if the product you are using is free, you probably are the product.

Today we have grown accustomed to “free” services on the internet but we forget that it is to capture our attention to market to us or sell to us. In some cases people are happy to store our data or our information, yet when we look at the terms closely we realise our information becomes their property.

Since the Snowden storm, with revelations about the actions of the NSA, no large enterprise is happy to have data outside of their control and so suddenly there is a boom in the data encryption market. This is led by the fact that big business wants to move to cloud services to reduce costs. What they know is that if their data is encrypted before it leaves their control it has a higher chance of staying safe in the cloud. They work to minimise risk knowing there is no such thing as safe or protected anymore, only degrees of protection and risk reduction.

Encrypted data where the cloud provider does not have the encryption key is not searchable or readable for metadata by the holder, so it truly remains private (at least until someone with a lot of money and a super computer sets about breaking the encryption algorithm).

There are some pretty new products on the market for the enterprise organisations to grab and use for this, but it is early days and we are still looking for tools that are scaled into the SME category. They do exist but the price point favours the 30 staff plus business. There are already plans to scale this technology using multi-tenanted gateways provided by the network providers as a value add to the other cloud services so within a few months we will start to see ways to for local small businesses to make use of the cloud without taking huge risks on privacy.

This is a new and emerging field and it will become important to understand the differences between physical, logical, political and legal locations of data. The implications of this are that you are likely to need IT skills, security skills and legal skills to interpret the appropriateness of a cloud solution. It could be that your data is physically stored in a data centre in India by a company that is based in the US, but the data is encrypted in Australia and accessible by people with access to the encryption key in multiple locations around the world.

The implications of the above are complex and this is creating new opportunities and jobs for people to help business solve these issues. Today, as an SME owner, it is worth considering which cloud solutions are sensible to use and which free services are worth avoiding to keep your personal, staff and client information safe.

For most of us, solutions like Microsoft Office 365 are safe enough, while free services like Facebook are possibly not. It is clear from a cost perspective that we must consider cloud as an alternative to building or replacing private servers. If you are not sure where to turn, seek advice before investing in out of date or insecure solutions. IT is no longer an area of business where complacency is likely to serve you well.

David Markus is the founder of Combo – the IT services company that is known for solving business problems with IT. How can we help?



Notify of
Inline Feedbacks
View all comments
SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: or call the hotline: +61 (03) 8623 9900.