Thinking Cloud Services - Look Before You Leap!
Project and Program: Enterprise Data Center
, Security and Compliance
, SHARE in Atlanta 2012
As enterprises turn to Cloud services to try and leverage economies and reduce operating risks, they could be walking "eyes wide shut" into a dangerous security environment. It is very unlikely that a Cloud provider has the same level of controls that most customer organizations have today, and even more unlikely that they have controls in place that you would expect in an operation that commingles customer accounts and data. Some hide, weakly, behind a claim to have a SAS 70 Type 1 audit. Oh, puhlease! What about an ISMS Certification (ISO 27000)? What other key security capabilities should you expect from a Cloud service? This presentation identifies those key capabilities, and provides a Cloud Service Evaluation Checklist that you can use to do a quick reality check on your anticipated or current Cloud provider.
Brian Cummings, Tata Consultancy Services
Back to Proceedings File Library