Trillium Software
     

21/3/11

By Sophie Baker

Ignorance and Ambiguity are among the seven deadly sins of cloud computing, according to the Information Security Forum’s (ISF) report looking at the implementation of and guidance for this technology.

Securing cloud computing: addressing the seven deadly sins aims to help organisations move quickly to develop practical, business-oriented solutions to secure cloud services, drawing from insight from the ISF’s global Membership.

Ignorance – cloud services having little or no management knowledge or approval; ambiguity – contracts are agreed without authorisation, review or security requirements; doubt – little or no assurance when it comes to providers’ security arrangements; trespass – failure to consider the legality of placing data in the cloud; disorder – failure to implement proper management of the classification, storage and destruction of data; conceit – belief that enterprise infrastructure is ready for the cloud when it’s not; and complacency – assuming 24/7 service availability, are the seven sins.

“While the cost and efficiency benefits of cloud computing services are clear, organisations cannot afford to delay getting to grips with their information security implications,” commented Steve Durbin, ISF global vice president. “With users signing up to new cloud services daily – often ‘under the radar’ – it’s vital that organisations ensure their business is protected and not exposed to threats to information security, integrity, availability and confidentiality.”

The ISF recommends that cloud service providers are treated like other external suppliers, such as an outsourcer or offshore provider, and be covered by the same form of contract.

The report is available to ISF members, although an executive summary is available here.

Home     More News


Other stories you may find of interest:

Cloud bodies partner to promote best practice
The Cloud Industry Forum and the Cloud Security Alliance have joined forces to drive best practice in cloud service provision

ISSA-UK launches security best practice and guidance for SMEs
A working group tasked with providing good guidance and best practice for information security for Small and Medium Enterprises (SMEs) in the UK and beyond has delivered a draft standard for consultation

awards banner


Dataflux Video

markevans


FStech Whitepapers
Single Customer View in Financial Service
This white paper outlines what a single customer view is and what the UK requirements are, why this represents best practice and how it can be advantageous to the business, and the techniques and technologies that will be most effective in establishing and maintaining such an approach.
TATA Consultancy Services - Cloud Computing
Cloud computing is the convergence of virtualization, distributed applications, grid, maturity of enterprise software applications and enterprise IT management.
Genesys. Sustained Management: Changing the Game with Genesys iWD
The article explains how Genesys intelligent Workload Distribution (iWD) has the power to change the game in the contact center space based on new visibility into tracking, reporting, and performance management
Research Study: The Revolution in Self-Service Channels in the Financial Services Sector
This report analyses the growth of consumer self-service channels in key areas of the Financial Services Market
Genesys. Staffing and Workload Management:
Fleshes out the importance of properly managing contact center and back office work, especially through the alignment of employee skill sets.
Genesys. The Importance of Proper Hiring, Training, Career Path Development, Skilling, and Routing
Which explains why it is imperative to implement these factors correctly in the contact center and back office to ensure competent customer interactions.
Genesys. Rethinking Contact Center and Back Office Processes:
The Challenges of Achieving Balance and Consistency
SVC Analysis Report
Getting value from a single customer view?

This website is a part of Perspective Publishing Limited, registered in England No 2876166.