Access "Marcus Ranum: Cloud service-level agreements"
This article is part of the March 2013/ Volume 15 / No. 2 issue of Outsourcing security services
Marcus Ranum: Randy, thanks for taking the time to talk. When I look at the list of stuff you’re involved in, it makes my head hurt. But whenever I hear about another big cloud service disruption, I think of you! I know that security people always say you’ve got to look carefully at service-level agreements [SLAs] and conditions, and we were saying that a long time before “the cloud” was cool. Are the requirements for these big SaaS [Software as a Service] and cloud deals getting sorted out to the point where it’s not a big headache? Are customers still dealing with a wilderness of negotiations, or the “you can have any color you want, as long as it’s black” kind of model? Randy Sabett: Thank you for asking me to have a chat, Marcus. On this first question, though, you’re forcing me to start right off with the typical lawyer’s response, “it depends.” But, in this case, it really does. If someone’s looking for a commodity service to cut costs and doesn’t care about security, they likely won’t have too many headaches. Think of the use case in which a company ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Outsourcing security services in the enterprise: Where to begin
by Mike Chapple, Enterprise Compliance
Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services.
-
Managing big data privacy concerns: Tactics for proactive enterprises
by Lynn Goodendorf, Contributor
The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help enterprises get smarter while keeping consumers happy.
-
Outsourcing security services in the enterprise: Where to begin
by Mike Chapple, Enterprise Compliance
-
-
Antivirus evasion techniques show ease in avoiding antivirus detection
by Joe Granneman, Contributor
In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.
-
Antivirus evasion techniques show ease in avoiding antivirus detection
by Joe Granneman, Contributor
-
Columns
-
Big data creates cloudy security forecast
by Robert Richardson
Security in the cloud has come a long way and it’s now possible to control the quality of security you get in Web deployments, and to monitor what’s going on in your slice of the cloud.
-
Well-rounded information security education benefits IT professionals
by Doug Jacobson and Julie A. Rursch
A security-savvy IT staff can help reduce risk. Learn about information security training and education options for IT professionals.
-
Marcus Ranum: Cloud service-level agreements
by Marcus Ranum
Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with Randy Sabett, counsel at ZwillGen PLLC and formerly with the National Security Agency to discuss cloud SLAs.
-
Big data creates cloudy security forecast
by Robert Richardson
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...