Gartner’s Report: Top Seven Cloud-computing Security Risks - Research on Security and Identity Management (by Marco Casassa Mont) -
Research on Security and Identity Management (by Marco Casassa Mont) » Gartner’s Report: Top Seven Cloud-computing Security Risks
Gartner’s Report: Top Seven Cloud-computing Security Risks
Research on Security and Identity Management (by Marco Casassa Mont)

Syndication

Recent Posts

Tags

View more

Blogroll

Archives

I tend to agree with the outcomes of a recent Gartner’s Report on the top seven cloud-computing security risks. A related article, by Jon Brodkin, provides a nice overview and summary of the key taking points of this report:

 “Cloud computing is fraught with security risks, according to analyst firm Gartner. Smart customers will ask tough questions, and consider getting a security assessment from a neutral third party before committing to a cloud vendor, Gartner says in a June report titled “Assessing the Security Risks of Cloud Computing.”   Cloud computing has “unique attributes that require risk assessment in areas such as data integrity, recovery and privacy, and an evaluation of legal issues in areas such as e-discovery, regulatory compliance and auditing,” Gartner says.” In particular I believe that the aspects related to “privileged user access”, “regulatory compliance” and “data location/data segregation/privacy management” are potential key issues that, if not properly addressed, can expose organizations (and users) to high risks.  

--- NOTE:  use this mirror blog if you prefer posting on an external blog site  ---

Posted 07-04-2008 8:45 PM by marcocasassamont
Filed under: , , , ,

Comments

transcyberia.info wrote host-proof hosting
on 07-04-2008 7:14 PM

Think a minute about the security challenges involved in creating a health-centered social network. Or, more generally, any web application that has to handle sensitive user data. What if the database server becomes compromised? How do you make sure tha

marcocasassamont wrote re: Gartner’s Report: Top Seven Cloud-computing Security Risks
on 07-12-2008 5:24 PM

I can't really understand what this comment is about!

What is your point? Coudl you please add more details?

Thanks. Marco

Griffin wrote re: Gartner’s Report: Top Seven Cloud-computing Security Risks
on 06-25-2009 6:21 AM

A number of privacy laws and government regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Federal Financial Institutions Examination Council (FFIEC), Basel II, Payment Card Industry (PCI), and the UK Contingency’s Act have specific stipulations regarding data access and handling and business continuity.

Therefore, before companies begin utilizing public cloud-based services they need to carefully evaluate a cloud-based vendor’s security and privacy practices including data protection, vulnerability management, physical and personnel security, availability, application security, incident response, and data privacy. They should understand who will have access to the data, where it will be located and managed from, how it will be secured, segregated and / or encrypted and what mechanisms are in place to recover from outages.

Powered by Community Server (Non-Commercial Edition), by Telligent Systems