1 Legal Issues in the Cloud: A Case Study Jason Epstein
2 Outline Overview of Cloud Computing Service Models (SaaS, PaaS, IaaS) Deployment Models (Private, Community, Public, Hybrid) Adoption Different types of organizations using the Cloud In general: Service Model, Deployment Model, vendor and type of organization all impact negotiation and legal issues Case Study: Health care buying direct using public cloud Source:
3 Service Models Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based ). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Example: Salesforce.com, Google docs, Yahoo! mail. Source:
4 Service Models (cont d) Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations. Example: PaaS is a development platform for developers. Salesforce.com's "Force.com"; Windows Azure Platform. Source:
5 Service Models (cont d) Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls). Example: Fully outsourced managed hosting and development environments. Google, IBM, Amazon.com etc. Source:
6 Deployment Models Private cloud. The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise. Source:
7 Deployment Models (cont d) Public cloud. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for loadbalancing between clouds). Source:
8 Source: Gartner
9 Cisco Systems, Inc. has identified four types of organizations: Small and medium-sized businesses (using the public cloud) Large enterprises (private and hybrid cloud models more common but still use public cloud) Public-sector organizations Service providers Source: Cisco Systems, Inc.
10 In addition, regulated entities deserve a special category such as in the health care or financial spaces Regulated industries have additional focus on applicable regulation, especially for privacy and security Source: Cisco Systems, Inc.
11 Case Study Use of public cloud for , collaboration applications, documentation generation, and data storage and processing by a health care entity. HIPAA/HITECH Act applicable. Mostly buyer s perspective. Cost driven: OpX vs. CapX Direct to the vendor and not through reseller. Other challenges: service offerings and vendor agreements change during negotiations. And here are (some of) the business/legal issues...
12 Understand the Business Model Understand that the business is still developing and changing over time. Understand the service offerings and options, especially relating to privacy, security and ediscovery. Understand what is not included.
13 Understand the Vendors The culture of the vendors drives attitudes towards legal agreements. Culture of consumer vs. business (enterprise) deals. What is the culture regarding negotiation? When do you get past the salesforce What is the escalation procedure Use of subcontractors?
14 Understand the Contract Many public cloud providers use multiple levels of contracts. Those contracts often link to other documents such as privacy policies, acceptable use policies, security policies, service level agreements, technical support obligations, and others that should, if done correctly, become part of the overall contract.
15 Pick Your Team Due to the nature of cloud computing, at least for now, most major cloud initiatives require the expertise of more than one lawyer or contract negotiator. In this case, the negotiating team is: the business technology lawyer a privacy lawyer; a security lawyer; and an e-discovery lawyer. Some of the above is for due diligence purposes.
16 Pick Your Team (cont d) During negotiation, it is often beneficial to have an all-hands meeting between the vendors (SMEs), the sales representative, contract negotiator and/or lawyers as well as the legal team representing the buyer.
17 Service Descriptions Different companies view service descriptions differently. Some vendors do not have service descriptions per se but include some sort of documentation online that is incorporated into the agreement. Other vendors try to avoid including service descriptions in the contract.
18 Business Associate Agreement Most vendors will generally agree to some sort of business associate agreement. Some vendors still fight taking on that obligation. The Office of Civil Rights (OCR) has jurisdiction (among others). What is a business associate?
19 Security A covered entity must prove it is HIPAA security compliant (including through its vendors). Compliance obligations flow back to the covered entity, so due diligence on the vendor as well as contractual assurances are necessary. This includes the requirement to remain in compliance as the law changes or allow remedies to exist in the contract. Most vendors have security language to review, if asked. Audits and SAS 70 Type II, ISO
20 Data Breach Most vendors will recognize that they need to comply with security breach laws. Due diligence on the vendor is key in this area as well as having sufficient contractual language for all parties to be able to comply with data breach rules. Remedy?
21 E-discovery Due diligence should be required on capabilities of the vendor and related e-discovery tools and service descriptions/contractual language. Where/how is the data stored? How will the tools work for compliance, will they be for s only or for other information stored in the cloud (such as instant messaging or documents)? What is the response plan for responding to third-party subpoenas or other attestation requests and witness availability? Right to Conduct Forensics?
22 E-discovery (cont d) Dealing with privacy of individual s use and social network policies. Cross-border discovery issues (conflict between U.S. discovery rules and foreign privacy laws and blocking statutes potentially preventing disclosure). Litigation holds/retention Policies. Metadata. Location of documents may make access to them by government/third parties accessible other than going through client directly. Expectation of Privacy and Attorney-Client Privilege (and company policies!). How is data actually destroyed? Rewritten?
23 Service Level Agreements Most SLAs relate to up time although there are some virus and security SLAs. Sole and exclusive remedies clauses. Warranty language regarding SLAs. Uptime/Schedule or Authorized Downtime/Response Time/Permitted outages. Uptime SLAs vs. Functionality SLAs
24 Modifications to the Service Most vendors start with proposition that they can modify service at any time. Especially in a regulated environment, due diligence is performed on the service to determine capability and that service is relied upon.
25 Modifications to Terms and Conditions Most agreements retain the ability to change the terms and conditions of the underlying agreement, including those incorporated by reference, at any time. This can be troubling because it would apply to privacy and security policies as well, in addition to e-discovery.
26 Suspension of the Services Distinction of suspension of an end-user account versus the services as a whole. Business continuity. Compliance with health care and other obligations.
27 Termination and Assistance Services Most vendors do not have explicit terms for termination assistance other than providing the ability to download data for a certain period of time. It may not be practical to not have access to the service during the termination period. Consider the system. What about security violations, multiple SLA breach, violation of privacy and security policies... Not susceptible to cure.
28 Disaster Recovery and Business Continuity Due diligence requirements. Disaster recovery versus SLAs for up time. HIPAA: 45 CFR (a)(7)(ii).
29 Privacy Policies Cloud vendors have links to numerous privacy policies incorporated into the agreement. Applying these privacy policies to the business versus individual users who sign up for a free service period. Modifications of privacy policies.
30 Data Transfer/Offshoring Understanding the practice of the current vendor. Capabilities differ based on deployment model as well.
31 Warranty Services in accordance with SLAs? In accordance with documentation? What are the remedies? Duration is for term of agreement...
32 Liability Remedies for lost or damaged data Breaches surrounding privacy, security Compliance with regulatory laws Termination Assistance Insurance
33 Other General Issues Jurisdictional Issues (virtualization and mult-tenancy) Bankruptcy (financial strength monitoring) M&A Vendor Cessation of Business Subcontracting Open source Force Majeure
34 Other General Issues Electronic Communications Privacy Act (ECPA) IP Contingency Planning Price Protection Data Migration Accounting/ Revenue Rec. Issues (control vs. nocontrol) U.S. Patriot Act
35 Conclusion The technology is ahead of the lawyers. The business models are still evolving. The contracts are still evolving. Regulation/Laws are on their way. Organizations like NIST along with vendors are working diligently to create standards. The business must choose the appropriate service and deployment models.
36 Legal Issues in the Cloud: A Case Study Jason Epstein 211 Commerce Street Suite 800 Nashville, Tennessee (615)
Your Place or Mine? In-House e-discovery Platform vs. Software as a Service Technology & Business Overview of Cloud Computing Janine Anthony Bowen, Esq. Jack Attorneys & Advisors www.jack-law.com Atlanta,
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Presented by: Sabrina M. Segal, USITC, Counselor to the Inspector General, Sabrina.email@example.com Reference
Validation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September What is the The Cloud Some Definitions The NIST Definition of Cloud computing Cloud computing is
Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit firstname.lastname@example.org 2 If cloud computing is so simple, then what s the big deal? What is the
Cloud Computing Supplementary slides Course: Designing and Implementing Service Oriented Business Processes 1 Introduction Cloud computing represents a new way, in some cases a more cost effective way,
WHITE PAPER Cloud Basics Strategies for Secure Cloud Computing An Introduction to Exploring the Cloud There is a lot of buzz these days about cloud computing and how it s going to revolutionize the way
IS PRIVATE CLOUD A UNICORN? With all of the discussion, adoption, and expansion of cloud offerings there is a constant debate that continues to rear its head: Public vs. Private or more bluntly Is there
This article was originally published in the November 2010 issue of the Intellectual Property & Technology Law Journal. ARTICLE Insights into Cloud Computing The basic point of cloud computing is to avoid
CSO Cloud Computing Study January 2012 Purpose and Methodology Survey Sample Survey Method Fielded Dec 20, 2011-Jan 8, 2012 Total Respondents Margin of Error +/- 7.3% Audience Base Survey Goal 178 security
Towards the Cloud! Ian Osborne Director, Digital Systems KTN, Intellect About the Speaker Director, Digital Systems KTN Technology Strategy Board programme Launched October 2009 IT Knowledge Transfer Network
Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)
Cloud Computing Policy Effective Date: July 28, 2015 1.0 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where
Legal Issues Associated with Cloud Computing Laurin H. Mills May 13, 2009 What Is Cloud Computing? The cloud is a metaphor for the Internet Leverages the connectivity of the Internet to optimize the utility
Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture
Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer Plan. Prepare. Protect. About Us Formed by a Group of DC Metro
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
Evolving Technology Issues: Cloud Computing Michael Bennett October 16, 2011 2011 Edwards Wildman Palmer LLP & Edwards Wildman Palmer UK LLP Cloud Computing Does compliance with applicable laws fall to
Introduction to Cloud Computing Srinath Beldona email@example.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?
White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples
Radware Cloud Solutions for Enterprises How to Capitalize on Cloud-based Services in an Enterprise Environment - White Paper Table of Content Executive Summary...3 Introduction...3 The Range of Cloud Service
Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity Amy Mushahwar, Esq. What s New? Not That Much. Some have their heads in the cloud we prefer to stay down in the weeds and know
The HIPAA Security Rule: Cloudy Skies Ahead? Presented and Prepared by John Kivus and Emily Moseley Wood Jackson PLLC HIPAA and the Cloud In the past several years, the cloud has become an increasingly
Developing a Risk-Based Cloud Strategy Trevor Simmons, ZigZag Associates Ltd David Stokes, Venostic Consulting 23rd April 2015, Chertsey 1 Introductions Tell us briefly Who you are Who you work for What
Special Publication 800-145 (Draft) The NIST Definition of Cloud Computing (Draft) Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication
Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,
Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. B.Kezia Rani 1, Dr.B.Padmaja Rani 2, Dr.A.Vinaya Babu 3 1 Research Scholar,Dept of Computer Science, JNTU, Hyderabad,Telangana
Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, firstname.lastname@example.org Something Old, Something New New: Cloud describes the use of a collection of services, applications,
1 Wrapping Audit Arms around the Cloud Georgia 2013 Conference for College and University Auditors Scott Woodison Executive Director, Compliance and Enterprise Risk Office of Internal Audit and Compliance
Hosted ediscovery: Adoption, Use, and Results September, 2011 SaaS is a Delivery Model Of Cloud Computing Attitudes About SaaS Are Still Evolving Legal Community Embracing SaaS In general, are you leaning
Where in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle) Abstract The goal of this session is to understanding what is meant when we say Where in the
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer
InterPARES Trust Retention & Disposition in the Cloud Do you really have control? Franks Patricia, San Jose State University, San Jose, USA and Alan Doyle, University of British Columbia, Canada October
Cloud Computing Hot topics in relation to security, liability and privacy Steven De Schrijver Cloud Computing : who and what is involved? Data Cloud Service Provider (e.g. SaaS, PaaS, IaaS) Sub-contractor
WHAT S ON YOUR CLOUD? Workload Deployment Strategies for Private and Hybrid Clouds RESEARCH AND ANALYSIS PROVIDED BY TECHNOLOGY BUSINESS RESEARCH Contents I. Private Cloud: Making IT a business partner
What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model
Cloud Less Talk, More Action Find your starting place and take action that makes sense for your organization. Logicalis White Paper: VMware Cloud March 2014 It seems like most of what you hear about the
Cloud Computing Introduction This information leaflet aims to advise organisations which are considering engaging cloud computing on the factors they should consider. It explains the relationship between
Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data
Incident Handling in the Cloud and Audit s Role David Cole, CPA, CISA ISACA National Capital Area Chapter Cloud Computing Conference March 17, 2015 1 Outline Cloud Service Models Cloud Types Summary of
CLOUD COMPUTING, TRADE SECRET / KNOW-HOW & EUROPEAN LEGAL FRAMEWORK AIPPI 2012 SEOUL XX October 2012 Alexandra NERI, Partner, TMT, +33 1 53 57 70 70, email@example.com TOPICS What is cloud computing?
Top 10 Tips and Tools for Meeting Regulatory Requirements and Managing Cloud Computing Providers in the United States and Around the World Web Hull Privacy, Data Protection, & Compliance Advisor Society
Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred
Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice
SHI THESE SPECIAL PROVISIONS ARE ONLY TO BE USED FOR SOFTWARE AS A SERVICE (SaaS), AS DEFINED BELOW. THESE SPECIAL PROVISIONS ARE TO BE ATTACHED TO THE GENERAL PROVISIONS INFORMATION TECHNOLOGY AND ACCOMPANIED
CLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS April 2014 Cloud Conceptual Reference Model The ease of use a Cloud Consumer experiences results from a complex, behind-the-scenes, orchestration of interchangeable,
WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT IntelliDyne, LLC MARCH 2012 STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT
INTRODUCTION Legal practices are increasingly using cloud storage and software systems as an alternative to in-house data storage and IT programmes. The cloud has a number of advantages particularly flexibility
Cloud Computing In a Post Snowden World Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Guy Wiggins Director of Practice Management Kelley Drye & Warren
ITIL in the Cloud Vernon Lloyd ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office www.foxit.net
Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? IIA San Francisco Chapter October 11, 2011 Agenda Introductions Cloud computing overview Risks and audit strategies
International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,
Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
Attorney Advertising Prior results do not guarantee a similar outcome Models used are not clients but may be representative of clients 321 N. Clark Street, Suite 2800, Chicago, IL 60654 312.832.4500 Wednesday,
Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems
MALACAÑANG PALACE MANILA BY THE PRESIDENT OF THE PHILIPPINES ADMINISTRATIVE ORDER NO. ADOPTING CLOUD COMPUTING AS AN ICT DEPLOYMENT STRATEGY FOR DELIVERING SERVICES IN THE GOVERNMENT WHEREAS, Section 24,
Quick guide: Using the Cloud to support your business This Quick Guide is one of a series of information products targeted at small to medium sized enterprises (SMEs). It is designed to help businesses
NIST Cloud Computing Reference Architecture Version 1 March 30, 2011 2 Acknowledgements This reference architecture was developed and prepared by Dr. Fang Liu, Jin Tong, Dr. Jian Mao, Knowcean Consulting
Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.
Cloud Service Rollout Chapter 9 Cloud Service Topics Cloud service rollout plans vary depending on the type of cloud service SaaS, PaaS, or IaaS and the vendor. Unit Topics Identifying vendor roles and
Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2
CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential
June 2012 www.pwc.com www.pwc.com www.pwc.com Governing Changes in a Cloud, Cloud, World EEI-AGA Accounting Leadership Conference New Orleans, Louisiana Jim Hanlon firstname.lastname@example.org Partner, Utilities
Special Publication 800-145 The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication 800-145 The NIST
Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications
Financial Services the way we see it Cloud Computing in Banking What banks need to know when considering a move to the cloud Contents 1 Overview 3 2 Why Cloud Computing for Banks? 4 2.1 Cost Savings and
A LEGAL GUIDE TO CLOUD COMPUTING INTRODUCTION Many companies are considering implementation of cloud computing services to decrease IT costs while providing the flexibility to scale usage on demand. The
Private Cloud 201 How to Build a Private Cloud Chris E. Avis Sr. IT Pro Evangelist Microsoft Corp. http://chrisavis.com Presented at Seattle Windows Networking User Group January 4, 2012 al 1 The Cloudscape
Introduction to Cloud Services (brought to you by www.rmroberts.com) Cloud computing concept is not as new as you might think, and it has actually been around for many years, even before the term cloud
Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is
Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System
Public Cloud Service Agreements: What to Expect & What to Negotiate April 2013 The Cloud Standards Customer Council THE Customer s Voice for Cloud Standards! Provide customer-led guidance to the multiple
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE October 2, 2013 By: Diane M. Gorrow Soule, Leslie, Kidder, Sayward & Loughman, P.L.L.C. 220 Main Street
Business Intelligence (BI) Cloud Prepared By: Pavan Inabathini Summary Federal Agencies currently maintain Business Intelligence (BI) solutions across numerous departments around the enterprise with individual
Cloud Computing This information leaflet aims to advise organisations on the factors they should take into account in considering engaging cloud computing. It explains the relevance of the Personal Data
CLOUD COMPUTING Jillian Raw Partner, Kennedys http://www.kennedys-law.com/jraw/ Cloud Computing- what they say about it the cloud will transform the information technology industry profoundly change the
White Paper: Vendor Selection for Your Life Science Company Cloud GlobalSubmit 123 South Broad Street, Suite 1850 Philadelphia, PA 19109 www.globalsubmit.com Methodsense, Inc. P.O. Box 110352 Durham, NC
ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information