A Checklist for Managing Vendor Relationships
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
For example, healthcare organizations should insist on the right "to audit pretty much anything within the environment because if [cloud providers] are doing a good job, then they really have nothing to hide," he says in an interview with HealthcareInfoSecurity's Howard Anderson (transcript below).
In the interview, Nanji points out:
• Regarding data control, "We may have to revise our models for establishing trust and consequences in chain of custody and how we provide access and authentication for our key data assets."
• The movement to the cloud means there will be more interactions between software and systems. And that means organizations must "account for the reality that the user in the cloud may more likely be a machine than another person ... This has very profound implications on how identities are provisioned, authenticated and managed."
• "We must have a clear, concise view of how things are administered." Cloud computing clients should demand that their vendors spell out in advance who can access data, then provide access logs and agree to audits, he says.
To Continue Reading: Click Here
--------------------------------------
Source: govinfosecurity.com
By: Howard Anderson
Subscribe to:
Post Comments (Atom)
1 comments:
Hey, I like your thoughts but you should check out the design at my site and let me know what you think!nyc one keep it up :D,Thank You so much for the tutorial.
I was just wondering if there was any way that this could be made into posts. Thank you for any help
cheap hosting reviews
Post a Comment