A concern businesses must address with all at-rest encryption methods is who at the provider has access to at-rest encryption keys. Insider privacy breaches are not uncommon, so business customers naturally want assurances that their at-rest data is protected from interlopers. Alas, no cloud provider seems to address this issue in its published privacy policies, which generally speak to only the privacy of personal data collected for individual user identification and billing.
Box.net CEO Aaron Levie makes verbal assurances, even though the service's published policy doesn't address the issue: "Because we are a cloud-based service, we store the encryption keys so customers are able to retrieve their data from any device, once authenticated. Only based on an explicit customer request or authorization can data be accessed from the service." Other providers were unwilling to discuss their internal encryption procedures.
Businesses also seek extra control over who has access to their mobility clouds. One way providers deliver this control is via LDAP (Lightweight Directory Access Protocol) connectors, which link to business-owned authentication servers. These servers, in turn, can require multifactor authentication, such as biometrics or security tokens. No cloud provider currently offers direct multifactor authentication, although last fall Google added two-factor authentication to Google Apps, via an SMS code transmitted to a user's mobile device.
When they come together, tablets and clouds will be the new style of computing Given the nearly instant acceptance of tablets by users and the rapid infiltration of businesses by tablets, it seems sure that the new computing paradigm is worth considering. Whether tablets ultimately displace laptops depends a lot on tablet OS makers and their ability to smoothly integrate devices with cloud storage. Ideally you'd just pull up the "cloud storage" panel on your tablet, select one or more cloud providers, and treat them like disks in the sky from any and all applications. Until that happens, users must continue to deal with a patchwork of third-party apps and cloud intermediaries.
But that's still better than syncing files over a USB cable or managing files as email attachments.
Sign up for CIO Asia eNewsletters.