Global Secure Systems (GSS), the value-added security consultancy, is urging companies - of all sizes - to check their regulatory requirements on data storage before starting to prepare for the official launch of Windows Server 2008.
"Microsoft's launch into the world of Cloud Computing, announced this week, is quite revolutionary since it is based on Windows Server 2008 running on Microsoft data centres and accessible only as a service," said David Hobson, GSS' managing director.
"Running on top of this Internet-based service, which Microsoft calls Azure, runs Live Services, .NET Services, SQL Services, Microsoft SharePoint Services and Dynamics CRM. Whilst Azure is highly appealing, the problem facing many businesses is where their data is actually being stored, as current legislation mandates that firms must indicate to their customers where their data will be stored," he added.
According to Hobson, firms that fail to notify their customers and regulators of their intention to use Cloud Computing and/or also fail to ensure their personal data is stored in a country that provides adequate protection - could fall foul of the Data Protection Act.
And that, he said, is just for starters, as the legal implications of Cloud Computing are a potential quagmire for the unwary.
Microsoft's Azure service, he explained, may be just what the doctor ordered when it comes to consumer computing, but for firms also wanting to cut their data storage costs - and improve road warrior access to that data - it could be a legal challenge.
"Revolutionary though Azure is, it's important that companies extend their legal compliance and customer agreements to support Microsoft's Cloud Computing initiative. And that's before we even begin to talk about extending the IT security envelope to support this brave new virtual world of computing," he said.