There is little doubt that scalable cloud services have produced tremendous benefits for enterprises, nonprofit organizations, governments, and individuals alike. The ability to deploy virtual servers and systems almost instantaneously when needed has become standard operating procedure that all these entities depend on for success.

But even with this proven success, there remains a nagging question for many stakeholders, especially those tasked with protecting and securing the data generated by businesses taking advantage of cloud services: Can we really trust our cloud service providers to protect our data?

This basic question has been repeatedly asked since the day cloud computing became a common business practice. I mean, after all, using the cloud by definition means you are storing data on hardware owned and controlled by another company. What assurances does a company like Microsoft offer when the question of trust is raised?

SEE: Microsoft still has work to do when it comes to malware security

Trust but verify

Microsoft and the other reputable cloud service providers understand this concern and work hard to assuage customer concerns regarding security and trust. For example, at the basest level, losing customer trust means losing business, which eventually leads to extinction. Hardly the recipe for a solid business plan.

But enterprise-level cloud service providers like Microsoft must also make assurances that transcend the basic desire to stay in business. In a March 2017 blog post, Mark McIntyre, Chief Security Advisor, Enterprise Cybersecurity Group at Microsoft, explained some of the steps his company is taking to secure and protect customer data.

According to McIntyre, Microsoft spends over a billion dollars a year in cybersecurity and data protection initiatives. One of those initiatives is the development of the intelligent Microsoft Security Graph. This program leverages all the collective experience of Microsoft and its billion-plus points of cybersecurity data to reveal patterns of malicious activity and to predict where and when future cyber threats will occur.

McIntyre also mentioned Microsoft’s emphasis on better control over access to data and increased transparency in how the company currently protects data and what it plans to do to secure data in the future. These are his examples of why Microsoft can be trusted.

While all that sounds great, as a customer it also sounds a bit too abstract to rely on exclusively. No matter how you look at it, relying on cloud services provided by a third-party means accepting a certain amount of risk–risk that can be mitigated only by establishing a certain amount of trust.

SEE: Use new security features in Microsoft Office 365 to raise your Secure Score

Bottom line

Cloud computing plays an integral part in the success of modern business enterprises. But that success is achieved only by accepting a bit of risk. By its very nature, cloud computing puts your data in the hands of a third party, which requires a high level of trust.

Microsoft and other cloud providers understand how important customer trust is to their respective businesses and do everything they can to assure that trust is never tarnished.

However, that is only half of the equation. Enterprises must never become complacent about their data security and the security provided by their third-party cloud providers. Every enterprise should be actively questioning, testing, and probing their security systems. No business can passively accept or trust what another company says about its security–security systems must be proactively tested and retested.

In business, as in most things, trust can never be given unconditionally; it must be continually earned and honed by all parties. In many ways, for companies like Microsoft, trust has become their most important product–the one thing they can’t afford to lose. And while assurances from executives help, this is another case where actions speak louder than words.

Also read…

Your thoughts

How well do you trust your cloud service provider to protect your data? Share your thoughts and opinions with your peers at TechRepublic in the discussion thread below.