tISS: Data Security in the Cloud
Activity amongst corporate IT professionals repeatedly highlights the data challenges for enterprises using commercial cloud solutions. Cloud services appeal because they are cheap and quick to set up, however this ability to purchase IT services on a credit card and slip through the security net is exactly why information security professionals are concerned about the nature of company data being transferred to the cloud.
With cloud service providers themselves announcing that they wouldn't keep their sensitive data in the cloud, why on earth should they expect their customers to? The recently published Ponemon Institute report finds that most cloud service providers did not consider security as one of their most important responsibilities, instead passing the responsibility for the protection of sensitive information back to their customers.
The wealth of regulations and legislation concerning data can also be confusing, there is so much regulation in place now that organisations spend their whole time spinning plates, following regulations to prevent costly fines rather than focusing on understanding and managing their risks.
This report strips back the hype of cloud computing to look closely at the issue of the value of company and personal information and how it is handled, and recognises the need to approach cloud service providers with their needs if anything other than non-sensitive data is to be kept in the cloud.
"The Corporate IT Forum is a fantastic level check, free of vendor sell and consultancy hype. I like the open sharing of experience…"
"We get valuable knowledge and experience from members of The Corporate IT Forum. This helps us to make better and informed decisions to reach our business goals…"
"The knowledge from other people on what they are doing/have done is invaluable to my team"
"The workshop validated the marketplace for supplier apps; participants were of a uniformly high standard; personally, I value highly the ethos of the Forum in the fact that it is supplier independent"