Ross wrote: "...I am all in favor of computing on the cloud, but there would need to be a great deal more information about data protection before I could use it."
I think the questions that need to be asked with regard to the use of any type of cloud service involving confidential information are: How is encryption implemented? And who has the encryption keys?
A lot of cloud services use SSL/TLS (https) to encrypt the data in transit but the data isn't stored encrypted on the server or, if it is, the service provider has the encryption key (unless, of course, you manually encrypt it first). To put sensitive data in the cloud a research team really requires local encryption keys that only they have access to and which are used to encrypt the data before it leaves their local PCs and decrypt the data locally whenever it is pulled back from the cloud. For a lot of cloud services this is an premium or enterprise feature if it is available at all, although a lot of cloud services use Amazon Web Services on the back-end and AWS does provide numerous methods for securing data (see http://aws.amazon.com/security/). I not sure how this cloud-based QDA software might implement this type of security but I would imagine there are lots of existing cloud services using AWS that work this way.
Alan.
|