Cloud Computing Strategies for the CIOEmail Alerts
-
Gartner: Negotiate cloud contracts with detailed security, control
When negotiating with cloud providers, enterprises must demand cloud contracts with specific security and control provisions, Gartner analysts say. News | 14 Jun 2013
-
CSA offers new initiatives to address SMB cloud security issues
In response to growing SMB cloud security issues, the Cloud Security Alliance announced a new working group and membership level focused on SMBs. News | 26 Apr 2013
-
Trust a significant issue for cloud services, survey finds
A survey conducted by database security vendor GreenSQL found a high level of distrust in cloud services, despite the perception that transparency is increasing. News | 19 Dec 2012
-
Enterprise cloud adoption in 2013 prompts data security questions
Adopting cloud-based services raises concerns and questions about data security, according to the Sophos 2013 Threat Report. News | 17 Dec 2012
-
Cloud security begins with the contract, says expert
Enterprises must empower their legal teams to ask the right questions and write contracts based on risk management, explains Tom Kellermann of Trend Micro. News | 21 Nov 2012
-
Sandy put business continuity planning in spotlight
Some firms struggled while others smoothly executed disaster procedures. Experts said cloud computing aided data center resiliency. News | 05 Nov 2012
-
For U.S. Mint, cloud computing security transparency effort pays off
U.S. Mint CISO Chris Carpenter said his cloud provider wasn't ready for either his security questions or to share continuous monitoring and log data. News | 03 Oct 2012
-
ENISA offers governance guide for cloud computing contracts
European agency provides framework for monitoring cloud provider security after a contract is signed. News | 04 Apr 2012
-
How CloudFlare’s website service protected LulzSec
The LulzSec hacking group signed used CloudFlare to protect its website. CloudFlare CEO Matthew Prince shared how the service defended the site against attacks. News | 07 Mar 2012
-
Plan ahead for cloud computing breaches in cloud contracts, experts say
Organizations need to plan ahead for possible cloud breaches, legal experts advise. News | 29 Feb 2012
- See more News on Cloud Computing SLAs and Legal Issues
-
Cloud data breach notification: Defining legal obligations
Francoise Gilbert provides a cloud data breach notification overview for enterprises concerned about placing personal information in the cloud. Tip
-
How do international data privacy laws compare to the Patriot Act?
What level of data privacy exists in the global cloud? Expert Francoise Gilbert compares international data privacy laws with the Patriot Act. Tip
-
Developing a cloud SLA: Key security and compliance issues
Organizations need to cover key risk areas when writing cloud provider service level agreements. Tip
-
Cloud computing vendor lock-in: Avoiding security pitfalls
Unscrupulous cloud providers can use security controls to make it hard to switch vendors. Know the questions to ask to avoid cloud lock-in. Tip
-
Demystifying the Patriot Act: Cloud computing impact
An examination of the rules for federal data access shows that it’s actually a complex, difficult process. Tip
-
Are cloud providers HIPAA business associates?
Deciding whether your cloud provider is a business associate comes down to a judgment call based on the type of cloud usage. Tip
-
The proposed EU data protection regulation and its impact on cloud users
Cloud customers and cloud providers would face stricter data security requirements under draft European regulation. Tip
-
Stepping carefully into health care cloud computing
Health care providers must plan any cloud migration carefully to protect patient safety and maintain HIPAA compliance. Tip
-
Cloud contracts: Cloud computing pricing
The unpredictability of cloud service pricing can make budgeting difficult for CIOs and CISOs. Tip
-
Planning for cloud e-discovery: functions and procedures
Companies need to plan ahead for how they will gather evidence in the cloud. Tip
- See more Tips on Cloud Computing SLAs and Legal Issues
-
Soc 3 (Service Organization Control 3)
A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls in security, availability, processing integrity, confidentiality or privacy. Definition
-
SSAE 16
SSAE 16, also called Statement on Standards for Attestation Engagements 16, is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service compan... Definition
-
Soc 1 (Service Organization Control 1)
A Service Organization Control 1 or Soc 1 (pronounced "sock one") report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements. Definition
-
CloudAudit
CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks. The specification provides a standard way to present and share detailed, automated statistics about performa... Definition
-
Cloud Security Alliance (CSA)
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes best practices for securing cloud computing and provides information on the ability of cloud computing to secure other forms of computing. The industry group also provides se... Definition
-
cloud computing
A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as little of a service as they want at any given... Definition
-
Can enterprises really count on cloud computing cost savings?
Video: Enterprises counting on cloud computing cost savings may be in for an unpleasant surprise, plus learn about often-overlooked cloud risks. Video
-
David Navetta on cloud computing contracts, cloud computing breaches
In this video interview at RSA Conference 2012, David Navetta, founding partner of the Information Law Group, talks about key issues with cloud contracts. Video
-
Podcast: Ensuring security in a SaaS contract
In this interview, Mike Hamilton, CISO for the city of Seattle, talks about the city’s SaaS toolkit and how it ensures the SaaS it buys is secure. Podcast
-
Gartner: Negotiate cloud contracts with detailed security, control
When negotiating with cloud providers, enterprises must demand cloud contracts with specific security and control provisions, Gartner analysts say. News
-
Cloud data breach notification: Defining legal obligations
Francoise Gilbert provides a cloud data breach notification overview for enterprises concerned about placing personal information in the cloud. Tip
-
CSA offers new initiatives to address SMB cloud security issues
In response to growing SMB cloud security issues, the Cloud Security Alliance announced a new working group and membership level focused on SMBs. News
-
How do international data privacy laws compare to the Patriot Act?
What level of data privacy exists in the global cloud? Expert Francoise Gilbert compares international data privacy laws with the Patriot Act. Tip
-
Trust a significant issue for cloud services, survey finds
A survey conducted by database security vendor GreenSQL found a high level of distrust in cloud services, despite the perception that transparency is increasing. News
-
Enterprise cloud adoption in 2013 prompts data security questions
Adopting cloud-based services raises concerns and questions about data security, according to the Sophos 2013 Threat Report. News
-
Cloud security begins with the contract, says expert
Enterprises must empower their legal teams to ask the right questions and write contracts based on risk management, explains Tom Kellermann of Trend Micro. News
-
Developing a cloud SLA: Key security and compliance issues
Organizations need to cover key risk areas when writing cloud provider service level agreements. Tip
-
Sandy put business continuity planning in spotlight
Some firms struggled while others smoothly executed disaster procedures. Experts said cloud computing aided data center resiliency. News
-
For U.S. Mint, cloud computing security transparency effort pays off
U.S. Mint CISO Chris Carpenter said his cloud provider wasn't ready for either his security questions or to share continuous monitoring and log data. News
- See more All on Cloud Computing SLAs and Legal Issues
About Cloud Computing SLAs and Legal Issues
Service level agreements are critical when working with a cloud service provider to ensure enterprise security and compliance requirements are fulfilled and security responsibilities are clearly delineated. Find tips on negotiating cloud computing SLAs that protect your organization. Also learn about cloud computing legal issues in hosted environments such as data location and contract termination.