Security and the Cloud: Turning an Obstacle into a Proof Point

Amy Larsen DeCarlo
Amy Larsen DeCarlo

Summary Bullets:

  • Security remains both one of the top barriers to entry into the cloud and perhaps the greatest differentiator for enterprise-class cloud services.
  • Though the lack of common industry-wide standards remains a challenge, savvy cloud providers are finding innovative ways to demonstrate their ability to protect customer assets in an on-demand environment.

For understandable reasons, many organizations are wary enough about security today in the cloud to put off enterprise-wide migration plans far into the future.  With the on-demand model still a mystery to many and no clear cut industry-wide standards to establish baseline cloud computing specifications, enterprises are not willing to risk exposing critical assets to the unknown.  In Current Analysis’ 2012 survey on enterprise cloud adoption, security was cited as the single biggest concern associated with moving to a cloud strategy. Continue reading “Security and the Cloud: Turning an Obstacle into a Proof Point”

Compliance and (In)Security

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • For all the emphasis on industry security standards and regulatory compliance, businesses too often miss the mark
  • For those that do not achieve compliance, security breaches are all too common

Nothing drives enterprise security spending quite like compliance. Angst over meeting or missing a mandate strikes fear in the hearts of CIOs and IT security directors everywhere. As a result, it is not at all unusual for a company to map its security priorities to government standards such as those laid out in the Federal Information Security Management Act (FISMA) or industry specifications such as the healthcare-focused Health Insurance Portability and Accountability Act (HIPAA) specification and the Health Information Trust Alliance (HITRUST) framework.
Continue reading “Compliance and (In)Security”