June 29, 2015

Cetrom in Accounting Today: The Wild West of Data Privacy and the Cloud

This article originally appeared at AccountingToday.com here. By Christopher Stark, Cetrom, June 18, 2015

The first time the country was connected coast-to-coast, it was with the wood and steel of railroad tracks into the Wild West that redefined the frontier, and the nation. Today, we use fiber-optic cable to join the frontiers of the information superhighway, which are accessed increasingly via the cloud.

Regulatory standards and laws are necessary to handle any new path of business. For the railroad system, federally mandated laws introduced structure to the industry. In the 21st century, we are once again ill-prepared to handle the altered landscape of technological advancements due to a lack of regulatory laws for data privacy.

The cloud has reshaped the business world, giving businesses and workers the luxury of accessing and integrating the tools and data necessary to complete their workday. We enjoy the uninterrupted ability to innovate, create, access, store, and share information anytime, anywhere. Though the cloud is safe and secure, serious questions persist regarding privacy and responsibility. Information is traveling too fast, across too many “borders” to continue our present regulatory course. The situation is eerily similar to the days of the Wild West with ad hoc laws and speculative regulation.

Each of these advancements brought the country closer together—one by quickly moving goods and services across state borders, while the other moves data across physical and virtual borders instantaneously. The railroad system operated largely free from regulation, with only a patchwork of disparate rules, likely created by individual entities. This caused tremendous confusion and frustration as companies and individuals tried to navigate the evolving landscape.

At present in the United States, individual companies, states and industry organizations have created their own rules and guidelines for implementing cloud environments, but nothing is standardized federally. How businesses choose to approach data privacy varies. Most companies tend to adhere to the laws and regulations of the state in which they are headquartered. The American Bar Association notes, however, that each state has a law related to data privacy and confidentiality that is worded and interpreted differently. This has a complicated impact on the cloud. Cloud service providers routinely spread data across several data centers and fiber-optic lines nationwide. Those centers and lines of transmission route data to its destination, protecting users and their privacy, and companies’ abilities to provide uninterrupted access to data, regardless of their physical location.

In the event an issue occurs, a myriad of legal and regulatory questions arise. Who has control of the data? Where is it stored? Who can get to it? When this happens, we find ourselves facing ambiguity while grasping for answers. Absent of guidelines, companies are frequently lost to the whim of whomever handled the data last, who has the tightest liability shield, or with whom the data originated. All options could be applicable just as easily as none could be.

Some industries have attempted to establish their own regulations for data privacy that add to state law, while others have gravitated toward adopting regulations for their own purposes under the assumption they must be comprehensive. Accountants with SOC 2, healthcare and HIPAA, etc., are all admirable attempts at regulating who has access to data, and each contributes to the confusion, especially when data is handled through a service provider.

The primary hesitation companies experience when it comes to confidentiality is determining who is in control of sensitive data and where the assumptions of protection and liability stand. Some may assume that the data is held on the cloud provider’s server so the cloud computing provider is liable. Cloud providers take proactive measures to ensure private data will not be exposed, but ultimately the data belongs to their client and the cloud provider cannot control who accesses the data from the client side.

Many cloud computing providers offer a master service level agreement (MSLA) that clarifies this relationship, but it is only a piece of the regulatory mosaic. A line must be drawn somewhere. Like the railroad industry before it, the cloud needs federal regulations to tie the law and the country together. The Wild West nature of varied local laws is chaotic for both sides. As a result, CPA firms lack the means to fully compare cloud providers to one another on security, privacy and best practices. The time for us to enact regulations and privacy laws on the information superhighway was years ago, yet we still operate under rules established during the dial-up days. Until federally mandated regulations are in place, there will continue to be a unique set of rules that are specific to particular states and industries. This leaves everyone wondering which regulations apply to them.

Adopting a wait-and-see attitude of which one prevails leaves a mismatch of misfit regulations. The issue is too important to merely hope for the best. There should be—must be—federally mandated regulations. (Read more on the full article PDF : 2015-06-18 Accounting Today)

Citrix vs. RDP: An Honest Comparison

Citrix and RDP Both Rely on Virtualization: What Is It? Before discussing the differences between Citrix Xen and Remote Desktop Protocol (RDP),..
November 19,2021

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like this, it would be a better world...

- Mid-sized
View All

One of the things we appreciate wholeheartedly about working with Cetrom is how great the people in the service area are and the high-level of responsiveness we have received. I’ve been very pleased..

- Mid-sized
View All

Cetrom’s services and support really stood out against the other cloud vendors. We thought their Citrix delivery platform would have a higher level of adoption because our employees would have the..

- Mid-sized
View All

Our accounting services users working in the field have greatly benefited from our migration to the cloud. They’re now able to be much more efficient while working in a client’s office because they..

- Mid-sized
View All

The decision to migrate to the cloud was one of the best business decisions Rub & Brillhart has made. It required an investment, but we have determined that our year two IT costs will be reduced by..

- Midwest
View All

Our migration process with Cetrom was very smooth and we had an excellent experience with their support during the demo process. We have 24/7 monitoring on our onsite equipment and they have the..

- Small
View All

We are extremely happy with the service and support we receive from Cetrom. Our staff is more efficient overall in our day-to-day activities and we don’t have any downtime. It’s a good feeling..

- Mid-sized
View All

Cetrom is an extremely cost-effective option for IT services. Not only do we receive significantly improved customer service, but we were also able to add a new VoIP system, better internet service,..

- Mid-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- Mid-sized
View All

We use two programs that often posed a challenge for our previous IT providers. Cetrom handled the situation professionally, coordinated with the software vendors, did all the backend testing, and..

- Mid-sized
View All

After interviewing and reviewing the proposals from various IT providers, it was really a night and day comparison about price, service, and performance—Cetrom was just outshining the others on every..

- Mid-sized
View All

I just want to drop you a line and let you know how pleased we are with our move to Cetrom. Your people knocked it out of the park for us and are doing a great job getting us up and working. On our..

- Small-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- 97%
View All

Cetrom’s Cloud Computing offers a high-quality, reliable and secure alternative to traditional IT management and provides immediate access to all my IT resources whether I’m in the office, at home or..

- High-quality,
View All

News Archives

See all

Citrix vs. RDP: An Honest Comparison

Citrix and RDP Both Rely on Virtualization: What Is It? Before discussing the differences between Citrix Xen and Remote Desktop Protocol (RDP),..
November 19,2021

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like...

- Mid-sized
View All

News Archives

See all
Is Cetrom Your Cloud Services Solution?