Along with individual users, more organizations are finding compelling reasons to use the cloud. With use, comes risk.

That ubiquitous future of computing has been available by the hour from Amazon since 2006, sold as hosted software even longer, and often used unknowingly by most of us through Gmail, Twitter, Facebook, and other more social cloud applications.

Internet-based computing today brings shared resources, software, and information to hundreds of millions of computers and PDAs around the worldwhether its a consumers using free public cloud applications, an organization employing customized, cloud-based business applications (for example, Salesforce), or a government entity using its private cloud. For instance, many of the 10 billion apps downloaded from iTunes are simply small programs that use data or services stored in the cloud to give the user everything from restaurant choices to song titles to cheapest prices on various products.

With this easy-to-access service comes new tools to do everything from communicate with co-workers to run a CRM platform. You no longer need to purchase hardware, host software, or incur costs for ongoing upgrades for such applications. More important, the convenience and new efficiencies brought by these applications are almost unimaginable.

A Booz Allen study of the federal governments IT department showed that its switch to a cloud environment would result in lifecycle costs 65 percent lower than the current environment, benefit-to-cost ratios (savings to investments) of 5.7 to 25, and a payback on investments in three to four years.

Likewise, the Gartner Group identified cloud computing as a top 10 strategic technology of 2010 and its survey of CIOs found it the top tech priority of 2011.

But with this cloud burst, also comes concern about information technology privacy and security. In simple terms, an open channel to the cloud adds yet another level of risk to everything from an individuals personal information to a business client list or secret sauce. And over the past few years, there have been a handful of well-publicized incidents in which a companys cloud service was shut down, hacked or experienced a loss of data.

In fairness, these incidents were small potatoes compared to past system failures or security breaches caused by hackers or viruses or information taken from stolen laptops (one of which is pilfered every 53 seconds, according to the FBI). But the sheer scale of the transformational movement to cloud computing should make users and providers aware of security and privacy issues and vigilant about their protection.

As both a provider (my company hosts online registration management software) and a user of cloud computing services, I have a dual perspective of the importance of security and integrity and the need for 24/7 accessibility. And from that perspective, I can offer a few tips to improve your comfort level in using hosted services.

  • A good starting point would be a quick review of a providers basic security measures. Your data should be protected by standard encryption (256-bit encryption is todays norm), segregated on a dedicated server and password protected. If the provider works with third parties, you should know whether they have access to your data and what safeguards are in place.
  • Find out how the providers security measures align with yours. It also doesnt hurt to ask if theyve ever had a breach in security or break in service, or what they would do should such an incident occur. And just to be safe, check into how you will get your data in a usable format should something happen to your providers business.
  • I know it is a nuisance, but this is one of those times that you should actually read through the Terms & Conditions to get comfortable with what is the providers responsibility versus what is your responsibility when it comes to privacy and security.
  • On the other end of this two-sided equation, users should establish and follow a good password system. Try to limit the number of authorized users, require strong (number/letter/uppercase/lowercase combos and non-word options) passwords and remind users not to email passwords, leave them on notes on their desks, and so forth. Also, when your provider updates its software, make sure nothing changes regarding passwords and access.
  • Use common sense on what data you input into the cloud service. Only share what is mission critical, and not information unnecessary to the software but potentially harmful if compromised.

Chances are highly likely that you have been using the cloud for years without incident. The market has obviously made the determination that the value offered by such shared services far outweighs any risks.

Finally, It should provide some comfort knowing that it is paramount to a cloud-service providers very existence to ensure the utmost security and performance. In many respects, your data is much safer with a third party cloud provider than say, residing on your laptop computer in the office.