Data security in the cloud
| Publication Date | May 2009 |
|---|---|
| Publisher | Ovum |
| Product Type | Report |
| Pages | 19 |
| ISBN Number | not applicable |
| Product Code | OVM00879 |
Buy this product or for assistance call +44 20 7060 7474
Summary
Cloud services promise efficiency savings and economies of scale, but security and compliance concerns are holding back most organisations from taking advantage of them. Service providers should be more open about their security policies and practices.
Content
- Executive summary
- In a nutshell
- Ovum view
- Key messages
- Service providers should not rely on obscurity
- Compliance requirements in shared environments are unclear
- Cloud service security is heavily dependent on access control and identification
- Ask your potential suppliers probing questions
- Cloud services require the user's environment to be secure
- Why worry?
- Is the risk real or hype?
- Cloud computing takes IT outsourcing one step further
- Business and regulatory requirements
- Global review
- Is the cloud compatible with compliance?
- Legal concerns
- Contractual obligations are alien to the cloud service providers
- Controls and notification don't translate into the cloud environment
- Data and media destruction
- Security in cloud services today
- How far can you go on trust?
- The balance sheet
- Overall security levels appear to be high, but cannot be measured
- Security and shared resources
- Security and flexibility are tradable
- Security that can't be provided in the cloud
- Counterbalancing security measures
- Security and compliance
- Cloud service providers have to show evidence
- Geographical location
- Legal disclosure
- No standards and no consistent practice
- SAS 70
- ISO 27001
- FIPS 199/200
- NIST Special Publication 853
- Cloud Security Alliance
- The National Institute of Standards and Technology proposed standard
- Available technology
- How cloud services can be secured
- Service platform security
- Data protection
- Separation of data
- Meta data
- Encryption of communications between the customer and the cloud
- Encryption of stored data
- User access control
- Single sign on and user provisioning
- Audit and reporting
- Application security
- Security testing services
- Integration is a weak point
- Strategy
- Cloud service providers should
- Enterprises should
- Responsibility and risk
- Compliance strategy
- Data classification
- Enhance user access control
- Infrastructure maintenance
- Do not expect too much from SLAs
- Audit the service provider
- Contract termination
- Questions for your SaaS provider
Delivery Details
PDF:Delivered by email usually within 4 to 8 UK business hours.
PRINT/CD-ROM:Despatched within 1 to 2 working days.
Related Products
Computing & Electronics
- Batteries
- Company Reports (Computing & Electronics)
- Computer Peripherals
- Computer Products Distribution & Support
- Country Overview (Computing & Electronics)
- Electrical Components
- Electrical Products
- Entertainment & Gaming
- Handheld
- Hardware
- IT Investment
- IT Outsourcing
- IT Security
- IT Services
- Internet
- Manufacturing
- Misc. Computing & Electronics
- Multimedia
- Nanotechnology
- Networking
- RFID
- Scientific & Technical Instruments
- Semiconductors
- Servers & Mainframes
- Software
- Specialised Computer Systems
call +44 (0) 20 7060 7474
or email us
Resources
Why Report Buyer? 
Advertising/Affiliates
View Our Publishers
News
About Us
Meet Us
Jobs
Contact Us
Categories and Subcategories
