Public cloud vendors: security ranking and positioning analysis

Size: px
Start display at page:

Download "Public cloud vendors: security ranking and positioning analysis"

Transcription

1 Viewpoint Public cloud vendors: security ranking and positioning analysis By Edward Hamilton (Senior Manager) April 2011 Executive summary The market for cloud services is growing rapidly, but players in several highly regulated industry verticals (such as government and finance) appear not to be adopting general cloud services primarily because of concerns over security, regulatory compliance and governance issues. Instead, they are either dismissing the business opportunity or defining private clouds, which removes a significant portion of the potential cost reduction benefits that cloud services offer. Our analysis of the security offered by a range of cloud service providers revealed that, in most cases, it largely focused on: technical security controls which are necessary but not sufficient for enterprises because security must be a balance of different types of security control, including people, process and technology compliance with legislation and regulation in the USA which is an important market, but concentrating solely on it limits the opportunities for cloud service providers. Some providers have numerous security certifications, but the alignment and strategy behind those certifications do not enable them to increase their addressable market significantly. Each certification costs time and money to maintain, so cloud service providers need to ensure that they are obtaining the maximum benefit from each certification. Figure 1 shows our assessment of providers approach to security certification.

2 Strength of provider s strategy Public cloud vendors: security ranking and positioning analysis 2 Table 1: Assessment of the security certification strategy of a selection of cloud service providers [Source: Analysys Mason, 2011] Average Maturity of security standard type Good Service provider Technical US-centric Regional Type of security standard Industry vertical Data protection Global Integrated security management with clients Good Citrix Systems Symantec Google Amazon Salesforce.com ZOHO Pearson Egnyte Microsoft Box.net LogMeIn Poor Skype Key: = Provider complies with security standards of this type. Citrix Systems and Symantec have comprehensive documentation that outlines their end-to-end security strategies. These start with the technical security controls, but also include a range of security certifications that cover regions, global and industry verticals. The two providers strategies also discuss risk management and working with clients own security teams. Other providers may have similar strategies, but documentation about them is not easily accessible. Security professionals will assume that risks have not been mitigated until suitable evidence can be supplied. Recommendations for cloud service providers Concentrate on certification to international security standards that are applicable worldwide. Many service providers focus on compliance with US regulations and standards. They will need to broaden their scope to include internationally recognised standards if they are to address the enterprise market effectively. We recommend ISO 27001, Payment Card Industry Data Security Standard (PCI DSS), ISO and the Data Protection Act/Safe Harbour. Providers should also map country- and industry-vertical-specific security controls back to ISO 27002:2005 to demonstrate compliance to country-based vertical security requirements. Ensure the suitable security documentation is readily available. The information must offer more than high level sales and marketing messages, or it will be dismissed as such. Service providers must ensure that they provide suitable security information to potential clients, enabling them to quickly and easily ascertain the level of security maturity of the cloud service being offered. Enable internal enterprise security teams to integrate with cloud service provider security teams. Service providers should develop their security operating procedures to enable collaboration between their security teams and those of their clients, allowing them to share information about threats, risks and incidents.

3 Revenue (USD billion) Year-on-year growth rate Public cloud vendors: security ranking and positioning analysis 3 Organisations in the government and banking sectors already include this feature in their outsourcing contracts. If cloud service providers wish to enter these markets, they have to be able to offer the same or better levels of security. Internal enterprise security teams must have the utmost assurance that security compliance is met and escalation processes are in place to deal with all breaches appropriately and quickly. Forecast Analysys Mason forecasts that revenue from the public cloud services market will grow from USD12.1 billion in 2010 to USD35.6 billion in 2015 (see Figure 1). Software-as-a-service (SaaS) currently accounts for the majority of revenue, but the balance will shift towards infrastructure-as-a-service (IaaS) during next five years. Figure 1: Enterprise cloud-based service revenue, worldwide, [Source: Analysys Mason, 2011] % 40% 35% 30% 25% 20% 15% 10% 5% % Revenue Growth Public cloud service providers must ensure that their security is appropriate for global markets to achieve this anticipated revenue growth. If they do not, enterprise organisations and governments will continue to deploy private cloud solutions. Market leaders We considered a range of providers, from market leaders to relatively new entrants. We reviewed the offerings of Amazon, Box.net, Citrix Systems, Egnyte, Google, LogMeIn, Microsoft, Pearson, salesforce.com, Skype, Symantec and ZOHO. Citrix and Symantec clearly differentiated themselves as the market leaders. They demonstrate a detailed understanding of information security and assurance in a range of global verticals. Their documentation discusses the technical controls, security and risk management, and how their services integrate with clients own security teams. Cloud service providers technical security infrastructure appears to follow good technical practices. However, security is significantly poorer at an application level and is almost non-existent when it comes to security governance. In particular, most cloud service providers have yet to clearly define how their security governance would link to and integrate with a client s security team. For example, it is not clear how providers will report any data breaches they detect. Waiting to include such news in a monthly status report would not provide a

4 Public cloud vendors: security ranking and positioning analysis 4 suitably timely level of security governance for enterprises. Cloud service providers need to offer integrated security governance that allows two-way communication to a defined service-level agreement. Most of the security standards that these service providers support are designed to comply with US regulation and legislation (see Figure 2). Figure 2: Security standards followed by a selection of cloud service providers, by region 1 [Source: Analysys Mason, 2011] International standards 26% Other regional standards 3% US standards 71% SAS 70 was the most-commonly adopted security standard among the service providers we considered (see Figure 3). SAS 70 is useful for organisations that are based in, or have their headquarters in, the USA. Most cloud service providers are US-based and need to comply with this standard, so it makes sense for them to extend their audits to include service provision. Some providers are moving towards adoption of more internationally recognised security certifications, mainly the de facto global security standard ISO Figure 3: Security standards followed by a selection of cloud service providers 1 [Source: Analysys Mason, 2011] SAS 70 PCI DDS SOX ISO Safe Harbour NIST HIPAA FISMA COBIT Data Protection 0% 10% 20% 30% 40% 50% 60% 70% Percentage of service providers

5 Public cloud vendors: security ranking and positioning analysis 5 Many of the region- and vertical-specific security standards are based on the security controls defined in ISO (the security control set for ISO 27001). Complying with and being certified to ISO enables providers to support a common, globally accepted security baseline and to add additional security controls to enable compliance with specific national, regional, or vertical security requirements. Market drivers and inhibitors The following factors are driving adoption of cloud-based solutions in the enterprise sector. Lack of IT staff. Small enterprises in developed markets rarely have enough IT staff to manage on-premises technology, and the staff they do have are generalists rather than specialists in particular applications or infrastructure components. In emerging markets, finding skilled IT staff is difficult. Cloud solutions remove the need for SMEs to have deeply technical IT staff dedicated to one particular on-premises technology solution. High cost of skilled IT talent in developed markets. Especially in developed markets, the cost of highly skilled IT staff often makes the total cost of ownership of on-premises solutions unreasonably high. Switching to cloud solutions reduces an enterprise s reliance on these difficult-to-find and expensive resources. Consumer adoption of social networking and consumer cloud solutions. Consumers will become more comfortable with the online application experience as they become more accustomed to cloud-based solutions such as social networks (for example, Facebook and MySpace), hosted and calendaring, and PC-based telephony (for example, Skype). These consumer tools encourage the building of online communities and collaboration. Consumers comfort with these tools builds a willingness to consider and adopt enterprise cloud solutions. Move towards simplifying the network and technology environment. Real-time access to applications across the company can be an unreachable goal for businesses with multiple office locations especially small businesses. Maintaining a networked application environment is too complex and expensive for small enterprises. Those that attempt it often suffer a low quality of service, high levels of downtime and high support costs. Cloud solutions remove the complexities of maintaining networked application environments, making an application available from virtually any laptop or desktop with broadband Internet access. Remote working and mobility. More than 50% of employees work outside their primary workspace at least one day per week. Having access to applications in multiple work environments is key to ensuring continuity of stakeholder interactions. For example, Vodafone is finding that SMEs want cloud solutions to ensure that they never miss a call from a customer or prospect. Such a simple, yet profound, business need not elaborate features and rich product functionality quite often drives the adoption of a new technology. Capital limitations. In these particularly difficult economic times, when credit is very tight, businesses prefer to purchase solutions on a pay-as-you-go basis, rather than make relatively large capital expenditures. Spreading out the payments related to a technology solution is one form of financial and business risk diversification for enterprises. Network operators desires to gain greater technology wallet-share with established customers by following their traditional business model (that is, monthly recurring revenue). Vodafone, for example, increases its share of an SME s technology wallet from 30% to 80% by adding cloud services to an existing mobile or fixed network service customer. By selling additional cloud services with three-year terms, Vodafone is able to increase the average customer lifetime. and decrease churn on its core connectivity product lines. This incremental lifetime value of the mobile or fixed network customer has a tremendous impact on margins.

6 Public cloud vendors: security ranking and positioning analysis 6 However, several factors are inhibiting the adoption of cloud-based solutions, one of which is security. Data is a key information asset for many organisations, and transferring a key asset to a public IT system where the security is unknown requires significant faith in the supplier. Organisations do not trust other organisations, so providers must demonstrate that they will secure their clients information assets to an appropriate security level to mitigate the identified risks. Business environment The move towards cloud services appears to be relentless, as numerous players develop and deploy additional IT platforms, infrastructure and applications. Cloud IT services is a natural development of IT outsourcing and organisations desire to reduce IT costs. They appear to have all the benefits of outsourcing without the traditional risks of customised IT development or COTS deployment, for the following reasons. The services and applications already exist and have been deployed, which minimises the risk of incurring the cost overruns that affect so many IT projects. Most cloud-based IT services require no capital investment and have only minimal upfront configuration charges, which enables enterprises to budget annually for the services. Enterprises require little in-house IT skills to use cloud-based services, which enables them to redeploy valuable IT assets elsewhere. The services can be deployed quickly, which allows enterprise IT departments to become more responsive to stakeholders and focused on business needs rather than IT minutiae. Enterprises will encounter additional risks when making the transition to, and using, cloud services. Some of these are related to security for example, compliance with the required legislation and regulation within their country, region and industry, as well as the usual security concerns about the confidentiality, integrity and availability of data. A mature security solution will strike a balance between technical security controls and a security governance set, consisting of policy, procedures and standards. Currently, most cloud service providers are not providing suitable security governance for organisations that operate in highly regulated or complex legislative environments. Many service providers security compliance standards are very US-centric. The USA is the largest single economy in the world, but the business case for developing cloud-based services will nevertheless be weaker if the service provider focuses solely on this market. To address other markets, providers will need to address international and other regional standards. Organisations in highly regulated sectors might conclude that cloud services do not offer appropriate security after performing a simple search on the available services and their security compliance standards. As a result, they are designing and implementing their own clouds for example, many governments are designing their own clouds that adhere to security standards they have defined. Market definition For this work, Analysys Mason utilised the National Institute of Science and Technology s (NIST s) definition of cloud services. 1 We reviewed a selection of cloud service providers offerings. 1 See NIST (Gaithersburg, Maryland, 2009), The NIST Definition of Cloud Computing. Available at

Cloud Computing - Benefits and Barriers for Retail Adoption

Cloud Computing - Benefits and Barriers for Retail Adoption Original Published Research from Cobweb Solutions - Europe s Leading Cloud Services Provider Cloud Computing - Benefits and Barriers for Retail Adoption 28022011 v1.5 written by Ed Dixon Director of Enterprise

More information

Quick guide: Using the Cloud to support your business

Quick guide: Using the Cloud to support your business Quick guide: Using the Cloud to support your business This Quick Guide is one of a series of information products targeted at small to medium sized enterprises (SMEs). It is designed to help businesses

More information

Moving Service Management to SaaS Key Challenges and How Nimsoft Service Desk Helps Address Them

Moving Service Management to SaaS Key Challenges and How Nimsoft Service Desk Helps Address Them Moving Service Management to SaaS Key Challenges and How Nimsoft Service Desk Helps Address Them Table of Contents Executive Summary... 3 Introduction: Opportunities of SaaS... 3 Introducing Nimsoft Service

More information

G-Cloud IV Services Service Definition Accenture Netsuite Cloud Services

G-Cloud IV Services Service Definition Accenture Netsuite Cloud Services G-Cloud IV Services Service Definition Accenture Netsuite Cloud Services 1 Table of contents 1. Scope of our services... 3 2. Methodology & Approach... 4 3. Assets and tools... 5 4. Pricing... 6 5. Contacts...

More information

Bridged Apps: specialise in the deployment of many well known apps, as well as building customer made apps, websites, and SEO.

Bridged Apps: specialise in the deployment of many well known apps, as well as building customer made apps, websites, and SEO. Bridging The Gap Bridged Group is the Strategic partner of The Telstra Business Centre and Telstra Store. We are a Telstra Preferred Cloud Partner with over 35 years of experience between our senior staff

More information

Location of the job: CFO Revenue Assurance

Location of the job: CFO Revenue Assurance JOB PROFILE Title of position: Manager: Revenue Assurance Operations Number of subordinates: 5-10 Location of the job: CFO Revenue Assurance Level: 3 Position Code: Time span: 2-3 years Key Performance

More information

What happens when you sign up to the ZoneFox Service?

What happens when you sign up to the ZoneFox Service? What happens when you sign up to the ZoneFox Service? Overview According to the highly respected Verizon 2014 Data Breach Investigations Report 1, 2013 set a new record for the number of data breaches

More information

White Paper: SLASH YOUR SME 1 COMPLIANCE COSTS

White Paper: SLASH YOUR SME 1 COMPLIANCE COSTS White Paper: SLASH YOUR SME 1 COMPLIANCE COSTS Most small business owners are attempting to juggle hundreds of activities at once just to run their business day to day. Every day there seems to be more

More information

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer Plan. Prepare. Protect. About Us Formed by a Group of DC Metro

More information

COMPANY PROFILE OVERVIEW

COMPANY PROFILE OVERVIEW Corporate Profile COMPANY PROFILE OVERVIEW Align your IT with your business THINK it Solutions TM is a leading specialist in the world of Information and Communications Technology (ICT).Offering dynamic

More information

Hedge Funds & the Cloud: The Pros, Cons and Considerations

Hedge Funds & the Cloud: The Pros, Cons and Considerations Hedge Funds & the Cloud: The Pros, Cons and Considerations By Mary Beth Hamilton, Director of Marketing, Eze Castle Integration The increased use of cloud-based services is undeniable. Analyst firm Forrester

More information

Symantec Residency and Managed Services

Symantec Residency and Managed Services Symantec Residency and Managed Services Flexible options for staff augmentation and IT out-tasking Symantec Global Services Confidence in a connected world. Symantec Residency and Managed Services provide

More information

Cloud Computing An Auditor s Perspective

Cloud Computing An Auditor s Perspective Cloud Computing An Auditor s Perspective Sailesh Gadia, CPA, CISA, CIPP sgadia@kpmg.com December 9, 2010 Discussion Agenda Introduction to cloud computing Types of cloud services Benefits, challenges,

More information

Hans Bos Microsoft Nederland. hans.bos@microsoft.com

Hans Bos Microsoft Nederland. hans.bos@microsoft.com Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party

More information

CONTENTS. Abstract... 2. Need for Desktop Management... 2. What should typical Desktop Management Software do?... 2. Securing Desktops...

CONTENTS. Abstract... 2. Need for Desktop Management... 2. What should typical Desktop Management Software do?... 2. Securing Desktops... CONTENTS Abstract... 2 Need for Desktop Management... 2 What should typical Desktop Management Software do?... 2 Securing Desktops... 3 Standardization... 4 Troubleshooting... 4 Auditing IT Assets... 5

More information

White Paper: Cloud Security. Cloud Security

White Paper: Cloud Security. Cloud Security White Paper: Cloud Security Cloud Security Introduction Due to the increase in available bandwidth and technological advances in the area of virtualisation, and the desire of IT managers to provide dynamically

More information

Third party assurance services

Third party assurance services TECHNOLOGY RISK SERVICES Third party assurance services Delivering assurance over your service providers The current third party service provider environment Corporate UK has been transformed in recent

More information

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview Data protection and compliance In the cloud and in your data center 1 November 2013 Agenda 1 Introduction 2 Data protection overview 3 Understanding the cloud 4 Where do I start? 5 Wrap-up Page 2 Data

More information

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com Analogous

More information

Securing the Microsoft Cloud

Securing the Microsoft Cloud Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and consumers to fully embrace and benefit from

More information

Six Drivers For Cloud Business Growth Efficiency

Six Drivers For Cloud Business Growth Efficiency Behind Every Cloud, There s a Reason Analyzing the Six Possible Business and Technology Drivers for Going Cloud CONTENTS Executive Summary Six Drivers for Going Cloud Business Growth Efficiency Experience

More information

Cloud Adoption Study Cloud computing is gaining momentum

Cloud Adoption Study Cloud computing is gaining momentum Cloud Adoption Study Cloud computing is gaining momentum Contents 4 Cloud is gaining momentum due to its business impact. 6 Public SaaS dominates the cloud offerings 7 Market understanding is lacking

More information

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider Whitepaper: Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider WHITEPAPER Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider Requirements Checklist

More information

Quick Start to Accelerating Your Cloud Business. Katherine Hunt, Director, Member Communities

Quick Start to Accelerating Your Cloud Business. Katherine Hunt, Director, Member Communities Quick Start to Accelerating Your Cloud Business Katherine Hunt, Director, Member Communities CompTIA Strategy Educate The IT Channel Advocate On behalf of the industry Certify The IT workforce Give Back

More information

Cloud Computing: Background, Risks and Audit Recommendations

Cloud Computing: Background, Risks and Audit Recommendations Cloud Computing: Background, Risks and Audit Recommendations October 30, 2014 Table of Contents Cloud Computing: Overview 3 Multiple Models of Cloud Computing 11 Deployment Models 16 Considerations For

More information

A Flexible and Comprehensive Approach to a Cloud Compliance Program

A Flexible and Comprehensive Approach to a Cloud Compliance Program A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility

More information

WHITE PAPER. How to simplify and control the cardholder security environment

WHITE PAPER. How to simplify and control the cardholder security environment WHITE PAPER How to simplify and control the cardholder security environment Document Version V1-0 Document Set: QCC Information Security Prepared By Nick Prescot - QCC Information Security Ltd Sponsored

More information

NEC Managed Security Services

NEC Managed Security Services NEC Managed Security Services www.necam.com/managedsecurity How do you know your company is protected? Are you keeping up with emerging threats? Are security incident investigations holding you back? Is

More information

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments. Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?

More information

3Si Managed Authentication Services Service Description

3Si Managed Authentication Services Service Description 3Si Managed Authentication Services Service Description [Pick the date] 3Si Managed Authentication Services Service Description [Type the document subtitle] JT www.3sicloud.com www.3sicloud.com enquiry@3sicloud.com

More information

Index. Executive Summary. Cost Drivers in the Total Cost of Ownership Analysis 4. Capital expenses 4. Design and deployment costs 4.3 Ongoing infrastructure costs 5.4 Ongoing operations and support costs

More information

Leveraging the Private Cloud for Competitive Advantage

Leveraging the Private Cloud for Competitive Advantage Leveraging the Private Cloud for Competitive Advantage Introduction While it is universally accepted that organisations will leverage cloud solutions to service their IT needs, there is a lack of clarity

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Security and Privacy in Cloud Computing

Security and Privacy in Cloud Computing Security and Privacy in Cloud Computing - Study Report Sai Lakshmi General Manager Enterprise Security Solutions 2 Agenda Background & Objective Current Scenario & Future of Cloud Computing Challenges

More information

Integrating Active Directory Federation Services (ADFS) with Office 365 through IaaS

Integrating Active Directory Federation Services (ADFS) with Office 365 through IaaS www.thecloudmouth.com Integrating Active Directory Federation Services (ADFS) with Office 365 through IaaS A White Paper Loryan Strant Office 365 MVP Introduction This purpose of this whitepaper is to

More information

Maintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com

Maintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance

More information

Getting Your Head In The Cloud

Getting Your Head In The Cloud CRM Expert Advisor White Paper Getting Your Head In The Cloud Businesses today hold more data than ever before. As a result, one of the biggest decisions any company small or large has to face is where

More information

NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants

NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants For more information visit ncr.com or contact us at hospitality.information@ncr.com A winning combination of payment security and

More information

Implementing Practical Information Security Programs

Implementing Practical Information Security Programs Implementing Practical Information Security Programs CISO Summit March 17-19, 2013 Presented by: David Cass, SVP & Chief Information Security Officer, Elsevier Information Security & Data Protection Office

More information

Trends in enterprise ICT

Trends in enterprise ICT UBS Telecoms Enterprise Day 2014 Trends in enterprise ICT 28 March 2014 Robert Schumann 2 Contents About Analysys Mason Sizing African SME ICT markets Case studies from Developed Markets Challenges and

More information

Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing

Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing Executive Summary As cloud service providers mature, and expand and refine their offerings, it is increasingly difficult for

More information

Security in the Cloud: Visibility & Control of your Cloud Service Providers

Security in the Cloud: Visibility & Control of your Cloud Service Providers Whitepaper: Security in the Cloud Security in the Cloud: Visibility & Control of your Cloud Service Providers Date: 11 Apr 2012 Doc Ref: SOS-WP-CSP-0412A Author: Pierre Tagle Ph.D., Prashant Haldankar,

More information

Cloud Application Marketplace 2015-2020

Cloud Application Marketplace 2015-2020 Brochure More information from http://www.researchandmarkets.com/reports/3292821/ Cloud Application Marketplace 2015-2020 Description: Cloud is moving beyond computing and storage and into an entirely

More information

Simplify Software as a Service (SaaS) Integration

Simplify Software as a Service (SaaS) Integration Simplify Software as a Service (SaaS) Integration By Simon Peel December 2008 Introduction Fuelled by a fiercely competitive business environment that requires the pace of business and technology to accelerate,

More information

Managing risks in a Salesforce environment

Managing risks in a Salesforce environment Managing risks in a Salesforce environment Managing risks in a Salesforce environment In today s rapidly changing world of business, only companies that understand and anticipate customer needs and consistently

More information

CLOUD COMPUTING An Overview

CLOUD COMPUTING An Overview CLOUD COMPUTING An Overview Abstract Resource sharing in a pure plug and play model that dramatically simplifies infrastructure planning is the promise of cloud computing. The two key advantages of this

More information

IT Cloud / Data Security Vendor Risk Management Associated with Data Security. September 9, 2014

IT Cloud / Data Security Vendor Risk Management Associated with Data Security. September 9, 2014 IT Cloud / Data Security Vendor Risk Management Associated with Data Security September 9, 2014 Speakers Brian Thomas, CISA, CISSP In charge of Weaver s IT Advisory Services, broad focus on IT risk, security

More information

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015

INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015 INSIGHTS CUPP COMPUTING MOBILE SECURITY MULTINATIONAL DECISIONMAKERS STUDY 2015 CHERYL HARRIS, PH.D. DECISIVE ANALYTICS LLC 575 MADISON AVENUE, 10 TH FL NEW YORK, NY 10022 917.628.6167 14. January 2015

More information

The Business Case for Cloud Backup

The Business Case for Cloud Backup The Business Case for Cloud Backup Table of Contents Introduction...2 SMB Data Protection Essentials...2 The Business Case for Outsourcing Data Protection...3 Considerations for Choosing a Cloud Backup

More information

Cloud Computing in a Regulated Environment

Cloud Computing in a Regulated Environment Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2

More information

The Cloud. IIA Seminar, York April 30 th 2015. www.bakertilly.co.uk

The Cloud. IIA Seminar, York April 30 th 2015. www.bakertilly.co.uk The Cloud IIA Seminar, York April 30 th 2015 www.bakertilly.co.uk Introduction David Morris Technology Services Director with Baker Tilly Qualified Internal Auditor Based in Manchester Baker Tilly is an

More information

IJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33

IJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33 CLOUD COMPUTING NEW TECHNOLOGIES 1 Gokul krishnan. 2 M, Pravin raj.k, 3 Ms. K.M. Poornima 1, 2 III MSC (software system), 3 Assistant professor M.C.A.,M.Phil. 1, 2, 3 Department of BCA&SS, 1, 2, 3 Sri

More information

3 BENEFITS OF COMPLIANT EMAIL ARCHIVING.

3 BENEFITS OF COMPLIANT EMAIL ARCHIVING. 3 BENEFITS OF COMPLIANT EMAIL ARCHIVING. Assure compliance, speed ediscovery, and help protect your intellectual property. BY NED FASULLO Ned Fasullo is a life-long technologist, and data-driven marketing

More information

Program. Maria Fiore Business Development Manager Hartco. Hugo Boutet igovirtual. Introduction to MicroAge. SME and «cloud computing» 2006 MicroAge

Program. Maria Fiore Business Development Manager Hartco. Hugo Boutet igovirtual. Introduction to MicroAge. SME and «cloud computing» 2006 MicroAge A presentation from and October 19th 2010 Program Introduction to MicroAge Maria Fiore Business Development Manager Hartco SME and «cloud computing» Hugo Boutet igovirtual 2006 MicroAge Introduction to

More information

TOTAL COST OF OWNERSHIP OF PANDA MANAGED OFFICE PROTECTION Learn how a SaaS Endpoint Solution reduces Operating Costs www.pandasecurity.com Pag.. Executive Summary Businesses of all sizes today are increasingly

More information

Email archives: no longer fit for purpose?

Email archives: no longer fit for purpose? RESEARCH PAPER Email archives: no longer fit for purpose? Most organisations are using email archiving systems designed in the 1990s: inflexible, non-compliant and expensive May 2013 Sponsored by Contents

More information

Guardian365. Managed IT Support Services Suite

Guardian365. Managed IT Support Services Suite Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service

More information

Caretower s SIEM Managed Security Services

Caretower s SIEM Managed Security Services Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During

More information

Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard

Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard Information Systems Audit and Controls Association Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard February 4, 2014 Tom Haberman, Principal, Deloitte & Touche LLP Reema Singh,

More information

Cloud Computing in Banking

Cloud Computing in Banking Financial Services the way we see it Cloud Computing in Banking What banks need to know when considering a move to the cloud Contents 1 Overview 3 2 Why Cloud Computing for Banks? 4 2.1 Cost Savings and

More information

Usage of Cloud Computing: where do we stand and where are we going in Switzerland?

Usage of Cloud Computing: where do we stand and where are we going in Switzerland? Usage of Cloud Computing: where do we stand and where are we going in Switzerland? A survey conducted by Stefanie Huthmacher under the supervision of Prof. Dr. Stella Grivas Gatziu Olten, 31 July 2010

More information

How To Choose A Cloud Computing Solution

How To Choose A Cloud Computing Solution WHITE PAPER How to choose and implement your cloud strategy INTRODUCTION Cloud computing has the potential to tip strategic advantage away from large established enterprises toward SMBs or startup companies.

More information

Financial Management Software as a Service

Financial Management Software as a Service White Paper Financial Management Software as a Service Overview 3 Financial Management Software as a Service 5 What to Look for? 7 Conclusions and Summary 9 About Efima 10 Overview Technology continues

More information

69% SaaS: Adapt or Lose Out. Technology Insights. of businesses are using at least one cloud-based application. SaaS Means Change

69% SaaS: Adapt or Lose Out. Technology Insights. of businesses are using at least one cloud-based application. SaaS Means Change SaaS: Adapt or Lose Out What on-premise software providers need to know about transitioning to Software as a Service (SaaS). SaaS Means Change Life was great until the cloud came around. Your software

More information

The Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach

The Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach The Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach by Philippe Courtot, Chairman and CEO, Qualys Inc. Information Age Security Conference - London - September 25

More information

Presented by Mike Jennings President BEI

Presented by Mike Jennings President BEI Presented by Mike Jennings President BEI Cloud Computing Defined Benefits of Cloud Computing Risks of Cloud Computing When and How to Utilize Cloud Computing Recommendations 2 Cloud Computing Defined 3

More information

Comparing the Costs. Analyzing the total cost of ownership of Clio vs. traditional desktop practice management solutions.

Comparing the Costs. Analyzing the total cost of ownership of Clio vs. traditional desktop practice management solutions. Comparing the Costs Analyzing the total cost of ownership of Clio vs. traditional desktop practice management solutions. Introduction Increasingly, attorneys are considering cloud-based legal practice

More information

Used as content for outbound telesales programmes and (potentially) inbound telesales response.

Used as content for outbound telesales programmes and (potentially) inbound telesales response. Upgrading from Hosted E-mail to a Unified Communication Suite Telesales scripts This document provides recommendations and sample scripts that could be used to target customers for upgrade from hosted

More information

Traditionally, large IT organizations have utilized their own

Traditionally, large IT organizations have utilized their own White Paper Cloud Identity Services Cloud Identity Services TCO Substantially Reducing Cost with Cloud Identity Services Traditionally, large IT organizations have utilized their own resources to design,

More information

Unitary Authority Set to Achieve 27 Per Cent Savings Target with IT Management Tools

Unitary Authority Set to Achieve 27 Per Cent Savings Target with IT Management Tools Microsoft Server Product Portfolio Customer Solution Case Study Unitary Authority Set to Achieve 27 Per Cent Savings Target with IT Management Tools Overview Country or Region: United Kingdom Industry:

More information

Moving Network Management from OnSite to SaaS. Key Challenges and How NMSaaS Helps Solve Them

Moving Network Management from OnSite to SaaS. Key Challenges and How NMSaaS Helps Solve Them Moving Network Management from OnSite to SaaS Key Challenges and How NMSaaS Helps Solve Them Executive Summary In areas such as sales force automation and customer relationship management, cloud-based

More information

Adoption, Approaches & Attitudes

Adoption, Approaches & Attitudes Adoption, Approaches & Attitudes The Future of Cloud Computing in the Public and Private Sectors A Global Cloud Computing Study Sponsored by JUNE 2011 TABLE OF CONTENTS Executive Summary... 1 Methodology

More information

THE BUSINESS VALUE OF MANAGED SECURITY SERVICES.

THE BUSINESS VALUE OF MANAGED SECURITY SERVICES. THE BUSINESS VALUE OF MANAGED SECURITY SERVICES. INTRODUCTION For many organizations, outsourcing network security services appears to be a logical choice. You avoid hardware, licensing, and maintenance

More information

Today s Speakers. A Conversation with Robbie Forkish, Forkish Consulting 9/1/2009. Webtorials Editorial/Analyst Division

Today s Speakers. A Conversation with Robbie Forkish, Forkish Consulting 9/1/2009. Webtorials Editorial/Analyst Division Security In The Cloud A Conversation with Robbie Forkish, Forkish Consulting Webtorials Editorial/Analyst Division Produced and distributed by: Today s Speakers Steven Taylor Co-Founder Editorial/Analyst

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

Security Controls What Works. Southside Virginia Community College: Security Awareness

Security Controls What Works. Southside Virginia Community College: Security Awareness Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction

More information

How To Support Bring Your Own Device (Byod)

How To Support Bring Your Own Device (Byod) WHITE PAPER: EXPLOITING THE BUSINESS POTENTIAL OF BYOD........................................ Exploiting the business potential of BYOD (bring your own device) Who should read this paper This paper addresses

More information

How to Turn the Promise of the Cloud into an Operational Reality

How to Turn the Promise of the Cloud into an Operational Reality TecTakes Value Insight How to Turn the Promise of the Cloud into an Operational Reality By David Talbott The Lure of the Cloud In recent years, there has been a great deal of discussion about cloud computing

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

DIGITAL SMEs: OPPORTUNITIES FOR CSPs PROVIDING SOCIAL, MOBILE, ANALYTICS AND CLOUD SERVICES

DIGITAL SMEs: OPPORTUNITIES FOR CSPs PROVIDING SOCIAL, MOBILE, ANALYTICS AND CLOUD SERVICES RESEARCH STRATEGY REPORT DIGITAL SMEs: OPPORTUNITIES FOR CSPs PROVIDING SOCIAL, MOBILE, ANALYTICS AND CLOUD SERVICES CHRIS NICOLL and SANDRA O BOYLE Analysys Mason Limited 2015 analysysmason.com About

More information

Brochure More information from http://www.researchandmarkets.com/reports/3050461/

Brochure More information from http://www.researchandmarkets.com/reports/3050461/ Brochure More information from http://www.researchandmarkets.com/reports/3050461/ Global Cloud Computing Market Service (Software, Infrastructure, Platform)- Strategy, Overview, Size, Share, Global Trends,

More information

Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites

Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites The Organisational Challenges We propose three key organizational principles for assessing backup Security Control Performance Functional

More information

Information Technology Strategy

Information Technology Strategy Information Technology Strategy ElectraNet Corporate Headquarters 52-55 East Terrace, Adelaide, South Australia 5000 PO Box, 7096, Hutt Street Post Office, Adelaide, South Australia 5000 Tel: (08) 8404

More information

BIG SHIFT TO CLOUD-BASED SECURITY

BIG SHIFT TO CLOUD-BASED SECURITY GUIDE THE BIG SHIFT TO CLOUD-BASED SECURITY How mid-sized and smaller organizations can manage their IT risks and meet regulatory compliance with minimal staff and budget. CONTINUOUS SECURITY TABLE OF

More information

ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs

ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs The security challenges cloud computing presents are formidable, including those

More information

Cloud Computing in the Enterprise An Overview. For INF 5890 IT & Management Ben Eaton 24/04/2013

Cloud Computing in the Enterprise An Overview. For INF 5890 IT & Management Ben Eaton 24/04/2013 Cloud Computing in the Enterprise An Overview For INF 5890 IT & Management Ben Eaton 24/04/2013 Cloud Computing in the Enterprise Background Defining the Cloud Issues of Cloud Governance Issue of Cloud

More information

IT OUTSOURCING FOR SMALL & MEDIUM SIZED ORGANISATIONS IN THE FINANCIAL SERVICES SECTOR

IT OUTSOURCING FOR SMALL & MEDIUM SIZED ORGANISATIONS IN THE FINANCIAL SERVICES SECTOR IT OUTSOURCING FOR SMALL & MEDIUM SIZED ORGANISATIONS IN THE FINANCIAL SERVICES SECTOR FundLab guide This guide is intended for the following audiences: Regulated firms considering out-sourcing for the

More information

Secure Cloud Computing through IT Auditing

Secure Cloud Computing through IT Auditing Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA Email: nvgrwl06@gmail.com ABSTRACT In this paper we discuss the

More information

How a Cloud Service Provider Can Offer Adequate Security to its Customers

How a Cloud Service Provider Can Offer Adequate Security to its Customers royal holloway s, How a Cloud Service Provider Can Offer Adequate Security to its Customers What security assurances can cloud service providers give their customers? This article examines whether current

More information

How to ensure control and security when moving to SaaS/cloud applications

How to ensure control and security when moving to SaaS/cloud applications How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk

More information

Addressing Cloud Computing Security Considerations

Addressing Cloud Computing Security Considerations Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft

More information

3 keys to effective service availability management. Visibility. Proactivity. Collaboration.

3 keys to effective service availability management. Visibility. Proactivity. Collaboration. 3 keys to effective service availability management Visibility. Proactivity. Collaboration. Managing service availability without visibility into downtime and data loss risks is like flying at night without

More information

Managed IT Services. Maintain, manage and report

Managed IT Services. Maintain, manage and report Managed IT Services Maintain, manage and report 1 2 Comunet was established in 1995 to provide professional Information Technology services to Australian businesses and organisations. Its vision now, as

More information

A Software-as-a-Service Primer for Independent Software Vendors

A Software-as-a-Service Primer for Independent Software Vendors A Software-as-a-Service Primer for Independent Software Vendors By, Jeffrey M. Kaplan, Managing Director, THINKstrategies, Inc. Founder, SaaS Showplace Introduction Software-as-a-Service (SaaS) is a fundamentally

More information

Cloud Computing in a Restaurant Environment

Cloud Computing in a Restaurant Environment WHITE PAPER Cloud Computing in a Restaurant Environment Cloud Computing in a Restaurant Environment How Restaurants Leverage New Cloud Computing Technologies to Achieve PCI Compliance By Bradley K. Cyprus

More information

Securing the Microsoft Cloud

Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed

More information

The Cloud at Crawford. Evaluating the pros and cons of cloud computing and its use in claims management

The Cloud at Crawford. Evaluating the pros and cons of cloud computing and its use in claims management The Cloud at Crawford Evaluating the pros and cons of cloud computing and its use in claims management The Cloud at Crawford Wikipedia defines cloud computing as Internet-based computing, whereby shared

More information

WHAT S ON YOUR CLOUD? Workload Deployment Strategies for Private and Hybrid Clouds RESEARCH AND ANALYSIS PROVIDED BY TECHNOLOGY BUSINESS RESEARCH

WHAT S ON YOUR CLOUD? Workload Deployment Strategies for Private and Hybrid Clouds RESEARCH AND ANALYSIS PROVIDED BY TECHNOLOGY BUSINESS RESEARCH WHAT S ON YOUR CLOUD? Workload Deployment Strategies for Private and Hybrid Clouds RESEARCH AND ANALYSIS PROVIDED BY TECHNOLOGY BUSINESS RESEARCH Contents I. Private Cloud: Making IT a business partner

More information