Assurance in the Cloud | Cloud industry forum

Assurance in the Cloud

Resources found: 27
We are delighted to present the latest Cloud Industry Forum research paper, entitled “Cloud – the next generation”. This paper is free of charge to download, (just subscribe to our news services) and you will have access to the latest news and views from the Forum in relation to what’s happening in...
Author: 
Access level: 
Subscriber & Member
Olusola Akinrolabu, of the Centre for Doctoral Training (CDT) in Cyber Security at the University of Oxford has conducted a series of studies in relation to cloud risk assessment and have introduced several novel concepts for assessing cloud provider risks. The team have identified a significant...
Author: 
Access level: 
Public
TM_logo_red_2c_rgb.jpg In 2018, digital extortion will be at the core of most cybercriminals’ business model and will propel them into other schemes that will get their hands on potentially hefty payouts. Vulnerabilities in IoT devices will expand the attack surface as devices get further woven...
Author: 
Access level: 
Public
Spending money on cyber security, we are told, has become the most important investment a company can make. It is said that companies large and small are not investing the right amount or, indeed, in the right things.
Access level: 
Public
For customers procuring cloud services, it is essential to understand fully the impact of data protection and privacy on the process. The areas of greatest concern are focused specifically on how a customer selects a supplier who is compliant with all the necessary legal obligations that affect it, how to identify and mitigate service risk, and how to allocate liability for the service between a customer and supplier according to the price of the service and risk the supplier accepts. How that liability is effectively allocated and how it impacts sub-contractors in the supply chain is also an issue.
Author: 
Access level: 
Member only
Despite Britain voting to leave the EU, little in reality will change from a data protection and privacy perspective. In order to trade freely with the world’s largest single market, the UK government will have to enforce regulations on a par with the forthcoming regulation. The message is clear for UK IT security professionals: stay on the path towards GDPR compliance.
Author: 
Access level: 
Public
A recent roundtable event, organised by the Cloud Industry Forum, and sponsored by Dell, brought together a range of Cloud security experts, all happy to share their views on the topic, providing fascinating insight into the disconnect that often exists between vendors and their customers.
Author: 
Access level: 
Public

This is not a paper about why or if you should migrate to a cloud environment, whether for one particular application or for your entire infrastructure, or for something in-between. Nor is it a paper about which provider of cloud infrastructure, applications or services you should choose to partner with. What this paper is about are the technical considerations that you should bear in mind during the process of moving to, or implementing, products or solutions that are cloud based. Note that we are specifically concerned with technical issues rather than with any personal, political or other concerns that may arise. In other words, we are principally concerned with "what" and "how": what issues you need to think about and, how, in general terms, these can be resolved.

Author: 
Access level: 
Subscriber & Member
Outsourcing elements of your IT infrastructure to an external hosting provider necessarily demands a different approach to governance than with traditional dedicated environments. This paper maps out some high-level recommendations to common governance standards to ease their successful implementation in cloud environments
Author: 
Access level: 
Subscriber & Member
Inside this paper you will find an introduction to what the Cloud is about – and why you need to take it seriously, along with my four most recent columns that seek to address how the Board, together with the CIO, should give practical substance to their paranoid optimism!
Author: 
Access level: 
Subscriber & Member
“Shadow IT” presents significant threats to your information security and availability that can impact your customers, and in turn affect your revenue. In some cases, customers may leave if you have a sustained outage or loss of client data.
Author: 
Access level: 
Subscriber & Member
The predictions that many industry pundits have been making about the rise of Bring Your Own Device (BYOD) are coming to fruition. The surprise is that it is happening at a much-accelerated rate in businesses of all sizes, around the world.
Author: 
Access level: 
Subscriber & Member
The idea cloud can’t be used by regulated industries doesn’t stand up to scrutiny. Indeed, there are many ways in which the technology can be deployed…
Author: 
Access level: 
Subscriber & Member
We discuss cloud security concerns and why businesses needn’t worry so much with Peter Groucutt, managing director of Databarracks.
Author: 
Access level: 
Public
The Databarracks annual Data Health Check surveys hundreds of IT professionals across 19 different fields to capture a snapshot of the way businesses use and think about IT. Here are the highlights from 2014.
Author: 
Access level: 
Member only
What should your first steps be when formulating a security policy for cloud use? Davey Winder has been talking to the experts about this very subject. Read on to find out more…
Author: 
Access level: 
Member only
Set of slides from the Cloud Expo 2014 exhibitions keynote presentations. Antonio Piraino, CTO ScienceLogic. Member, Cloud Industry Forum
Author: 
Access level: 
Member only
Businesses are beginning to make the most of their data, but they to need to ensure security issues are sorted out first...
Author: 
Access level: 
Subscriber & Member
Penetration testing is a customer-sanctioned intrusion of a network or computing infrastructure by a specialist 3rd party.
Author: 
Access level: 
Member only
Is cloud the nirvana of IT deployment models? Will everything make the transition to the cloud? Are we facing the terminal demise of on-premise IT? This comprehensive e-book from CIF and CloudPro examines a broad section of topics related to the adoption of cloud in the enterprise. Advice, insight and guidance to help you make tomorrow’s tech decisions, today.
Author: 
Access level: 
Public

The results of this survey show that interest in the use of SaaS applications among organisations in Germany and the UK is increasing; with flexibility, access by mobile devices and always-on availability being the primary drivers. However, security is still seen as the greatest inhibitor, including the need to protect data from being accessed inappropriately. Identity and access management technologies play a key role in authenticating users according to the rights that they have been granted. Today, there are relatively new breeds of identity management services that extend identity and access management capabilities to externally provisioned applications as well as catering to the needs of both mobile and external users, such as customer and business partners. Such services provide an efficient means of assuaging some of the prime security concerns that organisations have in subscribing to SaaS services.

Author: 
Access level: 
Public
For law firms and corporate legal departments, the dynamics of a cloud delivery approach can be especially attractive—making it possible to increase staff productivity, deliver better client service, and improve business agility while reducing expense.
Author: 
Access level: 
Member only
A survey by IDG Research Services reveals that organizations face confusion in researching cloud options, forcing them to adjust goals and search for more flexible and open cloud solutions that can help them prevent vendor lock-in.
Author: 
Access level: 
Subscriber & Member

Cloud-based applications and services, and software-as-a-service applications in particular, are coming into widespread use by organisations of all sizes. Such applications are used to process and store sensitive information making it imperative that user access rights are tightly controlled to ensure that information is secure from loss or theft and remains private. This paper discusses recent developments in identity and access management technologies that aim to extend such controls to services provided from external sources.

Author: 
Access level: 
Public
Practical solutions for the digital age of Global Communications and Mass data exchange.
Author: 
Access level: 
Member only
Industry surveys consistently show that security is the number one concern when it comes to cloud adoption. In our related, previous report, "Secure your data - protect your business" we discussed best practice recommendations arising from interviews with a number of organisations and how they treat their data. In this follow up report, we answer key questions that people are asking us about cloud adoption and data management.
Author: 
Access level: 
Public
The research polled 450 senior IT and business decision makers in enterprises, small-to medium businesses (SMBs) and public sector organisations.
Author: 
Access level: 
Subscriber & Member