Accessibility links

0207 637 5310 info@samrogoff.co.uk

  1. Factsheets
  2. ICT

Data security - cloud and outsourcing

Cloud data storage and outsourcing can often be more secure than using internal resources however there are some additional things to bear in mind. We consider issues which should be taken into account when reviewing the security of your computer systems. At Sam Rogoff & Co, we can provide guidance on data security in the Fitzrovia area.

Many companies are now completely reliant on the data stored on their network servers, PCs, laptops, mobile devices or in the cloud. Some of this data is likely to contain either personal information and/or confidential company information.

We have a related factsheet that covers the conventional data security considerations.

Here we look at some of the issues to consider when reviewing the security of your computer systems, and how to minimise the risks of data loss, within the cloud and services are outsourced.

Whilst cloud data storage and outsourcing can often be more secure than using internal resources, there are some additional things to bear in mind when some, or all, of your data is not held on-site.

Audit use and storage of personal data

Consider the potentially sensitive and confidential data that is stored in the cloud by your business.

Find out what is happening to that data and which controls are in place to prevent accidental or deliberate loss of this information.

Risk analysis and risk reduction

The key question is - if all or some of this data is lost who could be harmed and how?

Once that question has been answered, steps to mitigate the risks of data loss must be taken. Here are some steps that should be undertaken to reduce the risk of data loss:

  • ensure that the cloud provider or outsourcer will not share your data with a third party
  • check which countries the data will be stored and processed - this could have data protection implications
  • ensure that you can take local backup copies of your data
  • a data subject has the same rights of access wherever data is being stored, so ensure that a subject access request can be facilitated
  • try to minimise the amount of personal data stored in the cloud, or with a third party
  • what happens if the provider becomes insolvent? Have a contingency plan in place
  • is the data encrypted - if so have you got access to the keys and who else has access to the keys?

There are many resources available including:

ico.org.uk/media/for-organisations/documents/1540/cloud_computing_guidance_for_organisations.pdf

How we can help

Please contact us if you require help in the following areas:

  • performing a security/information audit
  • reviewing cloud and outsourcing/third-party agreements
  • training staff in security principles and procedures.

If you are in the Fitzrovia area please do contact us and we would be happy to help with data security issues.

Address

Sam Rogoff & Co Ltd, 3rd Floor, Great Titchfield House, 14-18 Great Titchfield Street, London W1W 8BD

Contact us today!

0207 637 5310

logo
Opening hours

Mon - Fri: 8.30am - 5.30pm

Quick links
Company links

© 2024 Sam Rogoff & Co Ltd. All rights reserved. powered by totalSOLUTION

We use cookies on this website, you can find more information about cookies here.
Sam Rogoff & Co Ltd, is a UK Limited Company registered in England and Wales under number 07092178. Sam Rogoff & Co Ltd is authorised and regulated by the Institute of Chartered Accountants in England and Wales (“ICAEW”) under registration number C002545445 and is subject to the ICAEW Code of Ethics. Regulated for a range of investment business activities, and licensed to carry out the reserved legal activity of non-contentious probate in England and Wales by the ICAEW. Details of our status can be viewed at www.auditregister.org.uk under registration number C002545445. We are registered for VAT under registration number GB 228 4926 42