Cloud Computing: Time to Consider the Risks
With 92% of New Zealand businesses using some form of cloud infrastructure, the value of the cloud is undeniable. While businesses rely on the cloud to securely store, process and protect their data, many may not fully understand how and why cloud services can make companies more exposed to cyber risks.
If you are using the cloud to store, manage or process information, consider the four following points:
1. Jackpot target for hackers
While the benefits of using the cloud are numerous, the flatness and openness that gives the cloud its strength can also make it vulnerable. Holding such a vast range of information for a large number of companies has made the cloud one of the most targeted industries globally.
2. Cloud providers are seldom liable
Cloud providers commonly negate all accountability for loss of data or access to systems through hold harmless, liability limitation, or no subrogation rights clauses. These clauses are understood to be non-negotiable, making users responsible for ensuring added security measures and back-up storage systems are in place.
3. A cloud provider’s legal issues can become your problem too
The legality of file sharing services has been questioned in recent years, with issues being raised around copyright and piracy. While cloud providers encourage users to implement alternative back-ups for their data, many businesses continue to rely on the cloud as their sole data-storage solution. For example, US federal prosecutors shut down MegaUpload on charges relating to piracy in 2012 and many of their customers have lost access to all of their data as a result.
4. Standard cyber insurance policies will not adequately respond
Standard cyber policies will not respond to network interruption losses sustained as a result of a disruption to their cloud service. It is imperative that expert advisors are consulted when assessing and placing cyber policies to ensure policy response.
While the cloud poses a number of issues for data and service availability, security and carefully drafted contracts can help clients to be well placed in limiting both third party liability and first party loss. Cyber risk insurance is not a “one size fits all” solution, and Marsh’s expert advisors are capable of negotiating the broadest available coverage for your organisation.
 ANZ Cloud Adoption Index
 Megaupload file-sharing site shut down; BBC News; 8 March 2012