newswire_banner

     



    How’s Your Cloud Insurance Coverage?

    Jul 24, 2013
    Cloud computing presents a number of benefits and risks to businesses, many of which are discussed daily in a variety of forums. How well does your conventional insurance cover your cloud services – particularly regarding issues such as data sovereignty, security, migration, and risk mitigation?

    Cloud computing presents a number of benefits and risks to businesses, many of which are discussed daily in a variety of forums. How well does your conventional insurance cover your cloud services – particularly regarding issues such as data sovereignty, security, migration, and risk mitigation?

    There is a big gap between what conventional insurance offers and the risks presented by cloud computing, Eric Lowenstein, client manager, financial services group of Aon, Sydney, recently explained to ITPro.

    ‘‘There is a broad range of cover options available but these have problems,” he said. “What are the geographical exclusions in regard to data sent offshore? And there are uncertainties about the definition of networks. Do they include devices like iPads, laptops, etc.?’’

    Lowenstein stressed that this is not simply an IT issue. The cloud poses risks to many stakeholders – IT, marketing, legal, communication, and even the CFO and CEO – and they all need to be engaged.

    A cloud computing insurance industry is emerging in the United States. Earlier this year, the MSPAlliance, an association of cloud service providers, announced a partnership with insurance broker Lockton to ‘‘offer comprehensive protection for cloud and managed service providers worldwide.’’ MSPAlliance reportedly has offered cloud coverage in Australia since 2008. According to ITPro, the U.S. organization CloudInsure has also partnered with Lockton “to provide indemnity assurance to cloud service providers and enterprises in support of service level agreements, and financial protection for customers ‘commensurate with their data risk within the cloud’.”

    The U.S.A. Patriot Act and recent National Security Agency’s PRISM project have added fuel to concerns over the risk of storing data within the cloud. Adrian Lawrence, a partner with the law firm Baker & McKenzie, warns that the Patriot Act, which grants wide-ranging powers to U.S. government agencies, could be applied outside the United States to any cloud service provider that is owned by, or is a subsidiary of, a U.S. company. Enterprises, cloud service providers, and insurers must take these types of issues into consideration sooner rather than later.

    A guideline to these key questions and considerations is available from ARMA International’s Guideline for Outsourcing Records Storage to the Cloud. The publication includes useful checklists for considerations from the legal, technology and business use perspectives. Click on the title above or search for it at www.arma.org/bookstore to learn more about this publication.

    © 2016, ARMA International