The Right to be Forgotten

What often gets overlooked in the conversation on cloud security is the subject of “deletability" of cloud data.

During this session our expert panel will explore the topic of whether cloud data that is “deleted” by an end-­user is actually completely removed from the cloud? By end-user we mean the consumer and the cloud administrators.

Is it universally deleted from all servers, and backups or is the end user’s access to the data simply severed leaving data instances floating out in the cloud?

How does a tenant of the cloud prove to the auditors and regulators that the data has been deleted?

How can a cloud provider help the tenant accomplish their compliance goals?

How can data encryption help? What about the need to delete configuration and policy data? Our panel believes that the
cloud industry is nascent with regard to the above questions and we wish to discuss and propose a way forward to remove the cloudiness around this issue.

Key Takeaways:

• Why it is important for users to understand what actually happens when you delete data instances in the cloud, including what happens to meta-data.
• Some ways to ensure that data is deleted from the cloud that proves compliance to auditors and regulators.
• The role of encryption in protecting deleted data instances in the cloud, and key management considerations.
• The role of tenant versus provider in deleting data instances in the cloud.
• What the industry needs to focus on to ensure proper data deletion practices in the cloud.