The horror that the likes of Jennifer Lawrence and other celebrities that have fallen victim to the recent Apple iCloud hack must have felt is obvious. But imagine if you found your business’ confidential information (which you thought) was stored safely in the mystical ‘Cloud’ had been accessed and sent to a competitor or the online public at large?
We’re finding more and more of our clients approaching us for our specialist advice on the legal issues involved in ‘Cloud’ systems, particularly for data storage facilities or making available software as a service (SaaS) to customers, suppliers or staff.
Of course, the Cloud provides great opportunities for your business to enjoy tech expansion, efficiency and, ultimately, cost savings. But if there is one lesson to learn from the Apple iCloud hack fiasco, it’s that you must use the best possible practical and technical security means to tackle unauthorised access. Your legal documents can be as tight as you like, but if there’s a massive hole in your security arrangements just waiting to be abused by hackers, you’ll be left trying to chase a horse that’s already bolted.
Trying to keep up with the rapid spread of the information and dealing with all the culprits once it has gone viral is often the bigger problem for private or corporate victims whose information is accessed and spread online.
Twenty or thirty years ago, if someone did get their hands on sensitive material (whether that be a celebrity’s semi-nude photographs or confidential corporate information), to publish worldwide or realise commercial value, they would have had to try and sell the material to a newspaper or other media outlet. So, in those days, the victim could arguably identify the outlet for the material and maybe try to take steps to contain or prevent distribution, depending on the laws of the relevant countries involved.
Nowadays, however, a few clicks of a mouse is all it takes before the world at large (or your competitor) receives information otherwise intended to be private and confidential.
Whilst Taylors’ dedicated team can advise you on the legal pitfalls when switching to the ‘Cloud’ and help you enforce your relevant documents, you should be sure to also maximise access security using preventive measures, such as a two-step authentication for users, as well as measures to detect and block threats in conjunction with protecting data at rest.
If you have any queries, please get in touch with Elaine Hurn, Managing Partner and Head of Taylors' Commercial and Information Technology team, on 0844 8000 264 or via email firstname.lastname@example.org.