Cloud Security and Governance: Who's on Your Cloud?

Increasingly worried about security and compliance in the Cloud? Your questions answered – read this guide today ...

The rise of Cloud Computing, with services delivered “in the cloud”, offers businesses incredible power and flexibility. It promises the efficient use of human and financial capital resources, reducing infrastructure and operation costs. It proposes a model of computing that is effective at meeting the demands of business in a rapidly changing environment.

Security and Compliance Issues

One of the most difficult challenges related to Cloud Computing, revolves around the security and compliance issues associated with it. This is a major concern and will continue to be so, with the ever increasing onslaught of regulations impacting security controls.

This pocket guide explains and highlights some of the key security and compliance issues surrounding Cloud adoption, and provides helpful insight into how they can be addressed.

Read this pocket guide and …

• Learn what Cloud Computing is: This guide provides a definition of Cloud Computing, before going through the essential characteristics it comprises. Cloud deployment methods and the benefits of Cloud Computing are then discussed.
• Understand Cloud security and privacy issues: Security and compliance are two of the primary inhibitors in Cloud adoption. This pocket guide highlights the security and privacy considerations to keep in mind when planning your Cloud strategy.
• Be aware of the key compliance challenges: Cloud compliance has several important challenges that do not relate specifically to security. This guide details some of the key compliance challenges that you will need to address, including multinational considerations, business continuity and disaster recovery, legal issues and specific regulatory requirements.

The areas of security and compliance often represent the biggest inhibitors to adoption of Cloud Computing, and because the potential impacts of problems in these areas are so profound, it is essential that you carefully identify your requirements in these areas, perform extensive due diligence, and work with your provider to develop and monitor processes that will help you both succeed.

About the Authors

Sumner Blount has been associated with the development and marketing of software products for over 25 years. He has managed the large computer operating system development group at Digital Equipment and Prime Computer, and was Director of Software for Pathway Designs. Sumner came to CA Technologies in 2004, where he has served in the Security and the GRC product marketing groups. Currently the Director of Security Solutions, focusing primarily on compliance issues, Sumner is the author of several industry journal articles, and has spoken at a number of industry conferences.

Rob Zanella is Vice President of IT Compliance and Security for CA, and is responsible for all compliance and security activities within Information Technology. Rob joined CA in 2005, as Director of Internal Audit, to develop the company’s first IT Audit practice. Upon establishing the practice, Rob next assumed responsibility for the IT Compliance function to advise on controls optimization opportunities and to manage CA’s IT risk and controls profile. Rob has over 25 years of IT experience in operations, software development, project management, auditing, compliance and security.