The Public and Private Cloud
The “Public Cloud” refers to data storage in a shared facility, often with multinational providers. Your data is typically located on infrastructure shared with other organizations. You may or may not know the location of your data; it could be located in Australia or anywhere in the world.
The “Private Cloud” can be either “On-Premise” or “Off Premise”. As the names suggest, on premise means that the data is located on the premises of the organization that owns it. Some smaller organizations have their own server rooms, whereas, larger organizations might have their own data centre. An off-premise facility would generally be a data centre either owned or leased by the organization, or a data centre used by the organisation’s IT provider. By definition, on-premise data storage is not shared with any other organization. However, off-premise data storage, may or may not imply sharing of infrastructure.
Why is the public cloud a security concern?
There’s a few reasons. First, in the public cloud your data could reside anywhere; on or off shore. Wherever your data resides, you may be bound by the local laws of that country. Secondly, you may have little control over the security of your data. Thirdly, any data that belong to a third party which you acquire and store on their behalf is protected by Australian privacy law. This means that you are responsible for the security of that data. To help understand this, and what can sometimes go wrong a few real life examples are described below: