Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Security implications of Cloud Computing report from the ISF

Information Security Forum : 13 November, 2009  (Technical Article)
The Information Security Forum has developed five pieces of security risk reduction advice for companies wanting to take advantage of cloud computing technology
Newsletter featured story - sign up for our free weekly editorial newsletter here


With implementation of cloud services gathering pace, researchers at the Information Security Forum (ISF), working with its Member organizations, have developed five top level tips for reducing security risk in Cloud Computing . The findings are part of a wide ranging report called Security Implications of Cloud Computing that draws on the knowledge and practical experiences of ISF Members; some 300 of the world's leading corporations and public sector bodies.

Research by the ISF also showed that 91% of its Members surveyed thought that Cloud Computing changes the risk landscape for information security in their organizations. The main areas highlighted include: managing user identities and credentials, third-party service providers, emerging cloud technologies, protecting against new forms of malware, and legal and regulatory issues. However, most ISF Members recognise the benefits of Cloud Computing and believe that they are well placed to address these security issues.

Before moving into the cloud, the ISF advises organizations to address five tasks; prepare a strategy; identify the impact on business operations; assess risks to data; ensure information security is part of the decision making process and work on the assumption that Cloud Computing is already being used in the organization.

"The ability to obtain state-of-the-art information technology services with little or no development costs or capital expenditure and benefit from ongoing flexibility and cost savings is a tempting proposition," said Gary Wood, research consultant at the ISF and co-author of the report. "But as many of the early adopters are SMEs, Cloud Computing solutions need to continue to scale and keep pace in order to meet the more sophisticated security needs presented by larger organizations."



"Moving to Cloud Computing services shifts direct control over the technology and resources that provide the services, making it a shared responsibility for the infrastructure and also the data within the Cloud Computing environment," adds Wood. "Security professionals also have some concerns about issues such as the protection of intellectual property, enforcing contractual specifications and preventing unauthorized use of data; but with the right planning and preparation we firmly believe it is possible to deploy a rich, robust and secure implementation."

The Cloud Computing report is the latest addition to some 400 leading authoritative reports on information risk and security available to ISF Members. "Reports such as this enable information risk and security professionals to stay ahead of the curve to support their organizations," said Prof. Howard Schmidt, President & CEO of the ISF. "With the right controls and technologies in place, organizations can to take full advantage of Cloud Computing without putting their infrastructure or data at risk."

The ISF is a not-for-profit, international association of some 300 leading companies and public sector organizations worldwide, dedicated to reducing risk and resolving information security challenges. In addition to its major body of research, the ISF has also developed advanced information risk methodologies and benchmarking tools.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo