WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

The ‘seven deadly sins’ of cloud computing: new Information Security Forum report

A new report from independent information security body, the Information Security Forum (ISF), identifies ‘seven deadly sins’ of cloud computing implementation and offers guidance on how to tackle them.

The aim of the new report – ‘Securing cloud computing: addressing the seven deadly sins’ – is to help organizations move quickly to developing practical, business-oriented solutions to securing cloud services, drawing from insight from the ISF’s global Membership.

The seven deadly sins outlined in the ISF report are:

1. Ignorance – cloud services have little or no management knowledge or approval;

2. Ambiguity – contracts are agreed without authorization, review or security requirements;

3. Doubt – there is little or no assurance regarding providers’ security arrangements;

4. Trespass – failure to consider the legality of placing data in the cloud;

5. Disorder – failure to implement proper management of the classification, storage and destruction of data;

6. Conceit – belief that enterprise infrastructure is ready for the cloud when it’s not;

7. Complacency – assuming 24/7 service availability.

“While the cost and efficiency benefits of cloud computing services are clear, organizations cannot afford to delay getting to grips with their information security implications,” says Steve Durbin, ISF Global Vice President. “With users signing up to new cloud services daily – often ‘under the radar’ – it’s vital that organizations ensure their business is protected and not exposed to threats to information security, integrity, availability and confidentiality.

“As our report makes clear, we recommend that cloud service providers are treated like other external suppliers, such as an outsourcer or offshore provider, and should be covered by the same form of contract’”, adds Durbin.

An executive summary of the new report is available from here.

•Date: 18th March 2011 • Region: World •Type: Article •Topic: IT continuity

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here