Do you really own your data?

This week in California, a freelance videographer lost $346,000 AUD worth of files, due to a bug in an update. He had no backup and attempts to recover the data have been fruitless.

He is now suing Adobe for damages, but I doubt he will win as he waived all rights when he activated the service. You see, most cloud providers clearly stipulate in the terms of service that any data you store on their services becomes their property. This protects them from any liability if they lose your data.

Possession is 9/10 of the law, if you don’t hold it – you don’t own it. So, if you’re storing all your data on an external cloud service with no backup, you may be opening yourself up to costly data loss without any opportunity for compensation. Although, in most cases no amount of compensation can bring back important data.

As we transition to the cloud, using a hybrid approach is still best for most businesses.

This means having your data securely stored on premise with backup to the cloud. Please get professional advice regarding your business, but in the meantime here are some simple rules you can follow:

1. Always keep important business data in your possession and control, preferably on a dedicated network attached storage device that’s in your possession and control.

2. Make sure the data is backed up, both locally and externally of the business. This can be an external drive, network attached storage devices or a cloud service.

3. At any given time you should have at least two copies of your data and you ideally want these in different locations to protect against disaster.

As your business transitions to the cloud (which is great), it is important you have a clear plan on how you might mitigate against these provider risks. Your data back up strategy should take into account the following:

    • Importance of the data
      • The more important the data is, the greater the level of care and storage/backup will be required.
    • The amount of data to be stored and protected.
    • The sensitivity of the data and how this is affected by privacy laws
      • Many professional services effectively break Australian privacy laws by storing personal information in the cloud outside Australia
    • How the business will access the data, eg locally or remotely.
      • Do you have a policy on how you enforce secure access?
      • Sharing of this data across the business

You can read up about the Adobe case here. 

And review your data storage providers and remember to not put all your eggs in one basket.


Leave a Reply