Are our heads in the clouds when it comes to service provider trust?

By Rafael Laguna, CEO, Open-Xchange

The PRISM scandal exposed what many of us have long suspected: that we can’t be sure if our personal data is entirely secure. The revelation that the NSA intercepted Yahoo and Google data centers brought the word ‘trust’ to the top of the agenda across the tech community and trust in our governments was seriously damaged.

But this isn’t just a question about whether we trust our government to manage our personal data, it also impacts our choice of service provider. Governments are trying to claw back trust and are now re-addressing the balance, exemplified by the German coalition announcing their backing for local-owned open source alternatives. But to what extent can we trust any organization with our data? And can we trust them to manage it respectively?

In the wake of PRISM many will want to hold their data even closer, as such the conversation is now less about ‘how do we keep our data safe?’ and instead focuses on ‘how do we reclaim control of our data?’ Cloud service providers are perhaps the most precariously placed because data is stored and transferred virtually. How can a user expect to trust their data and provider, if it’s not ‘in hand’?

We all shop around and do research before we make a big purchase and deciding between cloud providers should be no different. Cost may have traditionally been the key driving factor, but post-PRISM, our trust in the provider to act responsibly with our data is equally, if not more, important. Before a customer can trust their service provider, several key questions must be answered. People want to know that their provider will act responsibly with the data entrusted to them, and can deliver on their promise of providing a secure service.

Trust is difficult to earn, and the amount of trust we currently have in our provider may be closer linked to how much control of our data we retain – and control from a customer perspective is often manifested through the freedom to choose. Therefore the most important factor when we sign up with a provider is whether there is significant choice available in our decision-making process.  If a service is only available from one provider you need to carefully consider the ramifications of being locked in with nowhere to go.

To safeguard our trust, we need to ensure we retain freedom of choice. If we are to retain this freedom when choosing a cloud service, we need to ensure that the same service is available from several providers, that there are tools available to move from one provider to another, and that the service is available as software – preferably open source – so that if you require it to be run on premise, you can. Only with this level of control can you truly be in a position to trust.

For the service to be available as software is imperative. If we need to move our data, because of provider shut-down or lack of trust, it is the ultimate fail-safe to be able to run your own cloud service on-premise. Doing so gives us the flexibility not to be held ransom with our data.

The author: Rafael Laguna is co-founder and CEO of Open-Xchange, a global leader of web-based communication, collaboration and office productivity software. Sold and delivered through cloud and hosting providers, all Open-Xchange software is also available for free download, ensuring that users keep the choice to move to another provider or run the service on-premise at any time.

photo credit: Paul A. Rizer cc