Services cloud storage services include hardware, software or data is maintained off-site, often with a third party and accessed via the Internet.
Only 29 percent of 705 senior executives in Canadian companies and government agencies have reported using cloud computing services, according to a study released Thursday by Microsoft Canada.
However, among others, one in five reported using the services, such as Microsoft Web Apps, Office 365 and Windows Azure, which is actually a cloud service.
"One thing that really caught our eye was that 19 percent of respondents use the clouds and did not know," John Weigelt, National Technology Microsoft Canada, said while releasing the results during a demonstration in Toronto.
Many mobile companies in the cloud, he said, "do so without full understanding [or] understanding of what is happening."
Almost half of respondents said the cloud was "a great interest in the topic," but it is questioned because of problems of security or privacy. Organizations that have already voted in the cloud were more likely to express these concerns (52 percent vs. 44 percent of the total).
For those who do the cloud, said 10 percent they had a plan to see how their business can use cloud computing solutions.
The survey was conducted online in October by Leger Marketing. Respondents were members of the online panel company, which includes companies and organizations in all sectors and industries that operate at least five computers. Microsoft has released only some results of the study.
A group of expert panelists who discussed the results after their release made it clear that companies have to a large amount of steps to deploy cloud services, while ensuring the privacy and security.
Cloud services companies to manage the data are responsible for it, said Ann Cavoukian, Ontario Information and Privacy Commissioner.
He said, however, take advantage of the flexibility reliability, much lower costs and greater co-operation offered by cloud services, while maintaining the privacy and security is "clearly feasible" if the services are designed for privacy and security in mind.
Toronto lawyer Michael Power Privacy suggested said that companies need legal advice to ensure compliance with Canadian law, which limits the disclosure of private information, private sector requires storage to notify Canada data on the confidentiality of medical records and in some provinces restrict the storage of information to the public outside the country.
He added that the laws of Canada and the United States. The U.S. Patriot Act, allow access to information by law enforcement.
Companies need to ask their providers in the cloud how you will receive a warning if the police want access to their data and there are restrictions on the use and disclosure of data. They should also get all the details of how data gaps are addressed.
He recommended talking security consultant as part of the process.
"At the end of the day, I think you need to know who keeps your data, you must have some degree of supervision and you need to understand their security policies, procedures and practices," he said. "If you do, so much, did you meet your responsibilities."
Robert Cook, chief information officer for the University of Toronto, said that the security and privacy are the most frequently cited concerns by the community college, when he was interviewed about the possibility of transmitting the University via e-mail services in the cloud.
The University has studied how this option, he said, because he was no longer able to provide a level of service e-mail himself, who met with the community and believes that cloud services can offer superior quality at lower prices.
He said that his organization to ensure it was in its obligations by conducting a risk analysis and assessment of the impact of confidentiality, in partnership with Microsoft, which was responsible for delivering courier services.
Weigelt said Microsoft through third-party audits of its privacy and security measures and ensure that it is aware of the confidentiality obligations in different countries. But he warned that other cloud providers is essentially a work in a particular country, and may not necessarily know the obligations of Canada.
He acknowledged that companies need to do a lot of steps to ensure the confidentiality and security in the cloud, but said that similar work to be done to ensure that privacy requirements are met for data stored in-house.
"It's the same field work in the cloud," he said. "There is no extra effort
