Advancing Cloud Computing: Priorities for Industry and Governments

Size: px
Start display at page:

Download "Advancing Cloud Computing: Priorities for Industry and Governments"

Transcription

1 Advancing Cloud Computing: What to Do Now? Priorities for Industry and Governments World Economic Forum In partnership with Accenture 2011

2 About this Report This World Economic Forum report was developed by the Forum s IT Industry Partnership in collaboration with Accenture, with input from a group of experts and a dedicated Steering Board. World Economic Forum The World Economic Forum is an independent international organization committed to improving the state of the world by engaging business, political, academic and other leaders of society to shape global, regional and industry agendas. Incorporated as a not-for-profit foundation in 1971, and headquartered in Geneva, Switzerland, the Forum is tied to no political, partisan or national interests. (www.weforum.org) Accenture Accenture is a global management consulting, technology services and outsourcing company, with more than 215,000 people serving clients in more than 120 countries. Combining unparalleled experience, comprehensive capabilities across all industries and business functions, and extensive research on the world s most successful companies, Accenture collaborates with clients to help them become high-performance businesses and governments. (www.accenture.com) About the Forum s Information Technology Industry Partnership The Information Technology Industry Partnership (IP) programme of the World Economic Forum provides chief executives and senior executives of the world s leading IT companies with the opportunity to engage with peers to define and address critical industry issues throughout the year. Identifying, developing and acting on these industry issues is fundamental to the Forum s commitment to deliver sustainable social development founded on economic progress. About the Project Phase I of the World Economic Forum s Exploring the Future of Cloud Computing project culminated in a report on the benefits of cloud computing entitled Exploring the Future of Cloud Computing: Riding the Next Wave of Technology-driven Transformation, published in the spring of The objective of Phase II was to develop recommendations for actions that governments and industry can take to accelerate the deployment and adoption of public cloud technologies, which resulted in this publication. The Future of Cloud Computing Steering Board Guidance was provided by an actively involved steering board of experts, which included representatives from: Akamai Technologies (Paul Sagan, Chief Executive Officer) BT Group CA Technologies (Ajei Gopal, Executive Vice-President) Google (Nelson Mattos, Vice-President, Engineering, EMEA) Microsoft Corporation (Craig Mundie, Chief Research and Strategy Officer) Salesforce.com (Marc R. Benioff, Chairman and Chief Executive Officer; and JP Rangaswami, Chief Scientist) Project Team Contributors From the World Economic Forum: Joanna Gordon Associate Director, Information Technology Industry Chiemi Hayashi Associate Director, Deputy Head of Risks in Depth, Risk Initiatives Stephan Mergenthaler Project Manager, Strategic Risk Foresight From Accenture: Dan Elron Managing Partner, Strategy and Corporate Development Amelia P. Schaffner Manager, Strategy and Corporate Development Bojana Bellamy Director of Data Privacy Many individuals contributed ideas to this report through surveys, workshops and interviews. The project team thanks all participants for so generously sharing their time, energy and insights. Without their dedication, guidance and support we would not have been able to develop this report. World Economic Forum route de la Capite CH-1223 Cologny/Geneva Switzerland Tel.: 41 (0) Fax: 41 (0) World Economic Forum 2011 Accenture All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, including photocopying and recording, or by any information storage and retrieval system.

3 Contents Executive Summary 1 The Clouds about the Cloud 5 A. Data Governance B. Security C. Business Environment What to Do Now? Eight Action Areas Explore and Facilitate the Realization of the Benefits of Cloud 2. Advance Understanding and Management of Cloud-related Risks 3. Promote Service Transparency 4. Clarify and Enhance Accountability across All Relevant Parties 5. Ensure Data Portability 6. Facilitate Interoperability 7. Accelerate Adaptation and Harmonization of Regulatory Frameworks Related to Cloud 8. Provide Sufficient Network Connectivity to Cloud Services Project Outcomes: What Is Next? 19 About the Research 21 References 24

4 Executive summary Cloud is rapidly The potential benefits of cloud changing the world. computing include promoting It is enabling new economic growth, creating business models and employment and enabling innovation and collaboration. creating tension in the These were described in system. the project s first report, Industry Participant, Exploring the Future of Cloud Washington DC Workshop, Computing: Riding the Next November 2010 Wave of Technology-driven Transformation, published in the spring of While recognizing the many benefits of cloud, however, stakeholders also expressed serious concerns about its widespread adoption. In the second phase of the project, the Forum and its Partners investigated and prioritized these concerns in further detail. This report presents eight action areas for providers of cloud computing services and government agencies. It is intended to set the agenda for further engagement among all stakeholders, ensuring the healthy future development of the cloud computing industry. Clouds about the Cloud Many of the concerns about the public cloud, which are outlined on page 5 of this report, have long been discussed in relation to the Internet without satisfactory resolution. As cloud computing technologies significantly exacerbate these issues, the industry and government must address them at a relatively early stage in the evolution of cloud services. All the infrastructure in the cloud is no longer under your control: with cloud, there is a shift in responsibility. Government Participant, Brussels Workshop, May 2010 Project participants already feel that the current regulatory environment has slowed the progress of cloud technologies (in 2010). Further divergence and fragmentation in how the public cloud evolves could further delay potential benefits. These issues include difficulties faced by customers in understanding who can access the data that they put in the cloud, how it is protected and how they can be sure it has been deleted when they want it to be. They also include a growing desire by many national governments to direct the evolution of the digital realm within their physical borders, with major implications for where cloud providers can locate the servers that process data. Figure 1. Cloud by the numbers 33% (2) of global companies have deployed or are piloting the more mature layer of clouds, SaaS. 23% of high performing IT companies have already deployed SaaS 25% (3) of global companies will be deploying cloud computing for critical applications within 2 years 44% (3) $55 billion (1) forecasted worldwide revenue from public IT cloud services by 2014 of executives from global companies who believe cloud computing can provide their company with a lasting competitive advantage 30% (1) the rate at which cloud computing will grow in 2011, or more than 5 times the rate of IT industry as a whole 2.3 million jobs (4) the net new jobs created by cloud on a cumulative basis over the period 2010 to 2015 across the top five EU economies 2.1% (4) the average improvement in efficiency of an average employee because of cloud Source: 1 IDC [Worldwide and Regional Public IT Cloud Services Forecast, June 2010]. 2 Accenture [ Mind the Gap Insights from the 3rd global High Performance IT research study, Nov, 2010]. 3 Accenture [Cloudrise: Rewards and Risk at the Dawn of Cloud Computing Nov, 2010], 4 Center for Economics and Business Research [The cloud dividend, Dec, 2010] 1

5 The global community has come together before to address key issues and policy considerations in other industries such as banking, transportation, and telecommunications. We must now do the same for cloud computing. The journey to cloud computing will not happen overnight, but in the months and years ahead we have the opportunity, as a global community, to shape the future of cloud computing and take the first steps together towards a new, more interconnected world. Vivek Kundra, first Chief Information Officer (CIO) of the United States of America, March 2011 Key Opportunities for Multistakeholder Collaboration In response to these concerns, the Forum and its Partners have prioritized a set of eight action areas to be addressed by industry and governments, either separately or collaboratively. Through extensive consultations in Europe, the United States and Asia, the project has sought ways to reconcile the natural conflict between letting an innovative set of technologies mature and the need to protect users and citizens. Presented on page 13, the action areas cover topics such as: Improving transparency on how services are provided, who has accountability for what, how data is protected and which legislative regimes apply; addressing these topics is seen as a critical step towards the broader need, identified by stakeholders, to build trust in the cloud Conducting further research to clarify and spread awareness of the benefits of cloud, and ensure a balanced understanding of the nature of the risks and our current abilities to manage them; this is seen as helpful for enabling informed decision-making by both potential users and regulators Facilitating system interoperability, enabling users to customize their own cloud solutions across multiple providers, and data portability to ease user fears of vendor lock-in and government fears about lack of competition Guaranteeing sufficient network connectivity so that users who entrust their data to the cloud can be confident of being able to access it on demand While complex and sometimes contentious, the eight action areas set out in this report received strong and essentially unanimous support from the companies participating in the private session about cloud computing at the World Economic Forum Annual Meeting 2011 including many of the largest cloud providers and from several official representatives of governments and supranational organizations. With the support of leading providers and governments, we encourage individual companies, governments and existing collaborative initiatives to move quickly to further define and implement the necessary actions that will accelerate the ability of cloud technologies to generate the economic and social benefits they promise. In today s turbulent world, these benefits are more critical than ever. Figure 2. Generating the action areas Benefits Accelerate innovation Better serve customers Lower organizational expenses Improve IT efficiency & flexibility Bring socio-economic improvements Level the playing field Issue areas Data governance issues Data location and jurisdiction; Privacy & confidentiality; Data ownership Security issues Interoperability & portability; Reliability; Service level commitment; Ecosystem maturity Business Environment issues Authorized access; Integrity & availability; Data loss; Data destruction Action areas 1. Explore cloud benefits 2. Understand & manage cloud risks 3. Promote service transparency 4. Clarify & enhance accountability 5. Ensure data portability 6. Faciliate interoperability 7. Adapt & harmonize regulation 8. Provide sufficient connectivity 2

6 Cloud: The Upside People are used to scarce resources, and the idea of virtualization of resources is forcing a change from a paradigm of scarcity to one of abundance. It s like finding a substitute for oil. Industry Participant, Brussels Workshop, May 2010 The ability to tap into computer applications and other software via the cloud frees organizations, ranging from companies to government institutions and universities, from having to build and manage their own technology infrastructure. The double-digit growth enjoyed by some cloud providers during the recent economic downturn demonstrates that many organizations find this attractive. According to research conducted by the World Economic Forum and Accenture in 2009 and 2010, the benefits of cloud computing technologies go beyond reducing IT costs most participants see facilitating innovation as an even more compelling benefit. In the long term, cloud is seen as a way to gain competitive advantage, not only for organizations but also for whole industries and economies. While empirical evidence is still at an early stage, studies have associated cloud computing with many types of benefits, including: Dramatically accelerating the way companies create new products and services, through enabling innovative new business models, faster research, wider information sharing and more effective collaboration between product development professionals around the world Helping organizations serve their customers better through mining and analysing data to spot emerging trends, such as changing customer needs and competitors market moves Lowering organizational expenditures on data centres, servers, software licenses and maintenance fees and replacing capital expenses with lower pay-for-use operating expenses Enabling innovation and job creation at a macro level, with the playing field between large and small companies being levelled as companies of all sizes gain access to information technology that previously was affordable for only the largest companies Helping emerging economies leapfrog to higher levels of technological development by providing more immediate and affordable access to next-generation applications, tools and infrastructure Empowering governments and citizens to more effectively address such socio-economic issues as delivering healthcare and education, improving access to financial services (insurance, bank accounts, micro-payments) in emerging economies and disaster management provision Reducing the environmental impact of computing as economies of scale lead to less consumption of energy Affirming the benefits described in the project s first report, most participants in the private session about cloud computing during the World Economic Forum Annual Meeting 2011 agreed that cloud computing is likely to have a noticeable impact on GNP growth during the coming five years. Many believe that the impact of cloud computing will equal or exceed the impact of mobile technologies. 3

7 4

8 The Clouds about the Cloud Stakeholders Issues and Priorities With the pace of development of the cloud computing industry increasingly raising questions about regulation, a group of high-level IT industry participants at the World Economic Forum Annual Meeting 2009 mandated the first phase of the Future of Cloud Computing project. Senior decision-makers in the public and private sectors explored the benefits that could be derived from the use of cloud computing for society, the economy and individual businesses. They also identified barriers to the achievement of such benefits and mandated that the Forum pursue the identification of a series of collaborative actions that could steer the healthy development of cloud computing. 1 In response to the output of the project s first phase, industry leaders at the Annual Meeting 2010 mandated the second phase of the project, to identify action areas in further detail. The scope of the project remains focused on the use of public clouds primarily for businesses and governments, although many of the issues identified apply to the consumer domain as well. Through a series of initial workshops, surveys, one-toone and group interviews and using a structured issue tool, multiple issues of concern to key stakeholders from industry, government and academia were identified. They were grouped into three issue areas data governance, security and business environment and analysed in detail. Figure 3 illustrates the issues associated with each of these three areas. A. Data Governance Given the legal complexity created by cloud environments, industry players are forced to infringe laws all the time. Who owns data, who has the right to access it and under what circumstances? What rules apply to the use and sharing of data? Such questions tend to be more complicated when data is stored in a shared infrastructure managed by a third party. Industry Participant, London Workshop, December 2010 Stakeholders expressed differing views about the appropriateness and feasibility of regulation alone as opposed to industry self-regulation to specify frameworks that govern data and its use in the cloud. The issues raised under the heading of data governance were: Data location constraints It is not always clear under which legal jurisdiction data in the cloud falls especially if, as many cloud architectures require, the data is split up and stored in multiple locations. In some cases, it is impossible to determine where a particular piece of data is physically at a particular moment. Even if this were possible, data often falls under more than one legal jurisdiction, and it is unclear how inconsistencies among those jurisdictions would be resolved. Figure 3. Key categories of issues identified A. Data Governance 1. Data Location constraints 2. Regulatory protection of privacy and confidentiality 3. Clarity about data ownership 4. Ensuring only authorized access (identity mgmt.) B. Security 5. Ensuring integrity and availability (& addressing data loss) 6. Ensuring data is destroyed as needed 7. Ensuring Interoperability C. Business Environment 8. Ensuring Portability (& avoiding vendor lock-in) 9. Insufficient reliability of cloud 10. Insufficient commitments to service levels 11. Relative immaturity of the cloud ecosystem 5 1.

9 No matter how much Users are concerned about we invest, data is the potential for foreign going to escape governments to demand internationally; that access to their data. Governments worry about is just a fact of the losing the legal ability to Internet. oversee data in the cloud and Industry Participant, apply their laws to the cloud. Washington DC Workshop, These concerns can result November 2010 in data location constraints being imposed for example, requiring cloud providers to locate data within national borders, or subjecting transfers of data outside a given jurisdiction to additional legal hurdles and authorizations. Some stakeholders, however, see these concerns as thinly veiled excuses for protectionism. For their part, some cloud providers indicate that, if countries insist on data being stored within national boundaries, they will be unwilling to build new data centres in smaller markets. They point out that the freedom to move data across borders helps to achieve the economies of scale that are a key benefit of cloud computing, as there is a significant cost involved in using architectures that keep a customer s data in a particular country or geographical block, potentially giving the largest providers an unfair advantage. Data Privacy and Confidentiality Many users say that concerns about data privacy and confidentiality restrict their willingness to use cloud services for sensitive data. In the cloud, data is stored on remote machines that are shared with other users. This makes many users concerned about the potential for business competitors or government authorities to access their data in the cloud without their awareness or consent. Governments would like to mandate and apply national legal requirements for data stored in the cloud, and many already have. Given the cross-border nature of the cloud, though, national measures to protect data privacy and confidentiality have only limited capacity to reassure users. Some stakeholders feel that, given these regulatory challenges, users concerned about data privacy and confidentiality will ultimately have to rely on market mechanisms to assess the trustworthiness of providers in the cloud. Nonetheless, there is no guarantee that adequate market mechanisms will emerge in a timely fashion. Clarity about Data Ownership When a user moves data to the cloud, it is not always clear what rights the cloud service provider gains to access, modify or distribute that data. Some users are concerned that certain types of legal protection associated with data they entrust to the cloud will be compromised if data is moved through the cloud to other jurisdictions for example, they may be exposed to insufficient or conflicting regimes with regard to their intellectual property. Ownership of meta-data is often raised as a concern. Meta-data is created from connections between separate individual items of data, or from the context of when and how those individual items of data were provided. Metadata can be extremely sensitive and valuable, even when the individual items of data are not. Who should have what rights to use meta-data and capture the value that arises? There is a lack of agreement on these issues, and regulation is not always conclusive. EU data privacy laws, for example, distinguish between data controllers and data processors but, in the cloud, it is not always obvious what the respective roles and responsibilities are. There are scenarios in which users and providers could find themselves in a legal limbo, where the law provides no clear answer as to who is responsible for the data if, for example, security is breached or a provider fails. While regulators say they would like to improve both regulations and user awareness of the issues surrounding data ownership, industry stakeholders express concern that over-regulation of data ownership at this point in the cloud s evolution could prevent them from meeting user needs and improving services. There is a desire for greater global consistency in data privacy requirements applying to the cloud but government stakeholders note that fundamental differences in their approaches make comprehensive international agreements less likely. For example, the United States has a stricter regulatory regime for specific sectors, such as healthcare, where privacy and confidentiality issues are especially sensitive, while the European Union has blanket data privacy laws covering all data. 6

10 Building a Secure Cloud without Undue Points of Control By Jonathan L. Zittrain, Professor of Law and Professor of Computer Science at Harvard University and Member of the Project Working Group In 2010, cloud provider Amazon.com elected to shut down its hosted version of the WikiLeaks website. Amazon, like many such vendors, offers hosting to all comers but under terms of service that give it broad latitude in deciding ultimately whom to serve. Given the public controversy over WikiLeaks, Amazon s action crystallized something already known about cloud computing: when one s data or software is hosted far away and under the care of a third party, there are new risks and complications that can offset the ways such hosting can make life simpler and safer. Some of these risks can be managed: businesses can shop carefully for an enterprise-level cloud provider, and pay more for those that can persuasively claim more reliable service, or for contracts that penalize unanticipated or unjustified takedowns or interruptions. (For consumers, who plan and bargain less, the equation can be particularly dangerous: a lifetime s worth of or photos, or a social network comprising hundreds or thousands of hard-won relationships, can have its rules changed, or even evaporate, in an instant.) However, not all risks can be easily mitigated. For example, network trouble or government-mandated filtering can come between a business and its cloud processes. And, as events in Egypt and Libya demonstrated, there are occasions in which an entire nation s Internet access can be threatened. The solution is not likely to involve retreat to one s own basement servers. Basements aren t fail-safe either, and another marker thrown down by the WikiLeaks episode is the prevalence and power of denial of service attacks: all but the most bunkerized homes for data and code are vulnerable to compromise or attack. We do not want to see the move to cloud computing, which can offer so many benefits, slowed if the fears brought into focus by the WikiLeaks episode remain unaddressed. Yet we also do not want to find ourselves continuing a march to cloud computing that entails clustering under only a handful of powerful umbrella service providers, leading to limited competition and a handful of points of control. Solutions may lie not as much in centralization as in its opposite: creating protocols and processes by which data is voluntarily mirrored among otherwise-independent sites. Then if one is disrupted, other copies remain. And at the network s physical layer, we may see projects such as mesh networking -- creating connectivity without relying upon Internet service providers -- move from the interesting to the downright vital. While the approaches and examples can vary, answers to these very new problems may be inspired from the oldest of human instincts and political organization: mutual aid. As cloud computing accelerates, our creativity and sociability will be tested as we seek to realize its gains without creating undue vulnerabilities. 7

11 B. Security No-one will Users want to be confident unequivocally declare that their services and data that cloud is 100% are secure in the cloud safe just as no one will declare airplanes that is, always available to are 100% safe. Let them and never available not security become to unauthorized others. the bogey that ll stop They also demand recourse the whole thing be mechanisms if something pragmatic, solve the goes wrong. Industry problems as they come along, and be stakeholders point out that open. greater security involves Academia Participant, trade-offs with cost and New Delhi Workshop, usability, and that technical November 2010 solutions can never fully protect against security breaches originating from users themselves. Security-related issues raised by stakeholders include: Ensuring Only Authorized Access Users are concerned that data in the cloud is more susceptible to cyber-attacks, as aggregating multiple users data and services on a single platform makes it a more attractive target. Providers point out that no security mechanisms are foolproof, and all come with trade-offs: using encryption can be expensive, and using hypervisors to virtually isolate a user s applications and data can still leave vulnerabilities. More broadly, both industry and government stakeholders expressed concern that technical security mechanisms such as encryption could give users a false sense of security. Encryption is only as effective as the user s control of who has the key, and does not solve the problems of a malicious insider or of users being manipulated into giving access. These concerns are bound up with wider questions of how to manage and verify identities. Ensuring Integrity and Availability (and Addressing Data Loss) When users store their data on their premises, it is clear who is accountable if the data is corrupted, lost or temporarily inaccessible. This is not necessarily the case when the data is stored in the cloud. When it is unclear whether a problem lies with the cloud provider or with the networks the user is using to access the cloud, users are concerned that they will be unable to establish who is liable, and to seek redress. As many users data may be shared on one machine, users are concerned about the possibility of problems with one user s services affecting another s. Government stakeholders express concern about the resilience of cloud providers to distributed denial-of-service (DDoS) attacks, and note there is an inherent disincentive for providers to report on breaches and problems. Some industry stakeholders, however, believe they are already being transparent enough, especially given that a great majority of client agreements require the service provider to notify the client of any breaches or data loss. Ensuring that Data Is Destroyed as Needed Most computer users are aware that even when they delete data, it can still be recovered from their hard drives additional steps are needed to make sure data can never be retrieved. True data deletion is more challenging in the cloud, because cloud providers are the only ones with access to the physical infrastructure on which users data is stored, and often data may be mirrored on multiple machines. Without any way of verifying if their data has been destroyed, users have no option but to trust the provider. Government stakeholders are especially concerned that sensitive data, such as healthcare records, should not be recoverable once deleted. Industry stakeholders note, however, the significant technical difficulties involved in guaranteeing data deletion. Overall, many cloud providers are keen to stress that the above concerns about security in the cloud should not be overstated. By their nature, cloud solutions aggregate the security requirements of many clients, often to the highest standard, and they are frequently monitored and stringently audited. As a result, security protections in the cloud are more extensive than in many, perhaps most, private data centres. 8

12 Cloud Computing in India and Emerging Markets The change created by the cloud ecosystem will be manifested 20% in the realm of technology and the remainder through social change. Industry Participant, New Delhi Workshop, November 2010 The World Economic Forum held a workshop in New Delhi on 23 November 2010, convening over 30 leading Indian decision-makers, including service providers, users, government representatives and academia. The goals of the workshop were to identify the potential benefits and opportunities of cloud computing in India and other emerging economies; address the unique challenges to its implementation in emerging markets; and explore in which areas emerging markets could take the lead in cloud development. Market Potential Small and medium-sized companies with limited resources and access to IT are expected to be the greatest beneficiaries in India from the efficiency gains promised by cloud computing. For these companies, participants expect cloud to facilitate more efficient delivery of services to bottom of the pyramid consumers one of the key future market potentials in emerging economies. Similar efficiency gains could also improve public services in India. Some government representatives argued that cloud service models could, in fact, be the only means of delivering certain essential services (such as microtransaction banking, micro-insurance and healthcare) given the vastness of the country, with large remote and poor populations. Other areas of public service that could benefit from the cloud include disaster management and the agricultural sector. More broadly, providing access to data and computing power to people who would normally be deprived of such resources could unleash significant new innovation. Specific Challenges in India The lack of economic returns represents one of the key challenges for the development of the domestic cloud market in India. While many IT companies are engaged in the cloud business, they feel that currently there are insufficient incentives to offer economically sensible cloud models and services to the domestic market, particularly those targeting micro, small and medium-sized enterprises. Hurdles to the adoption of cloud include the limited availability of digitized data and the need to deal with requirements of 28 different states. In addition, limited and/or unreliable wired and wireless broadband infrastructure hinders access to, and hence development of, cloud services in India. This calls for greater engagement from the government to provide a fertile environment for domestic cloud markets and to engage in public-private partnerships on cloud development. In terms of regulation, while privacy and personal data protection are not widely established in Indian law, IT companies that export services are keen to have Indian regulation align with European and US data protection frameworks. The development of such a framework in India would assist the industry in competing on an international scale. Additional implications for Emerging Markets Overcoming connectivity challenges is critical. The development of mobile-based access in India and other emerging markets will drive the adoption and growth of cloud computing. Access management is another area in which India is developing promising initiatives. Given the large population base and the huge number of potential cloud users, identification and access management poses unique challenges. India s Unique Identification Card (UID Card) project, which relies on cloud technologies, could be seen as a model case. 9

13 C. Business Environment Cloud services and business models are still at an early stage of development, but several areas have been identified that are of concern to key stakeholders. They include: Ensuring Interoperability Interoperability is the ability of different systems to seamlessly communicate with each other. Users favour greater interoperability as it allows them to customise their own solutions by purchasing best of breed services from multiple cloud providers and to move more easily between providers. Governments also favour interoperability as a way of driving competition and increasing the resilience of the cloud system as a whole, especially where the market consists of only a few providers. However, industry stakeholders are concerned that a premature focus on standardization to promote interoperability could hold back innovation and the evolution of better solutions. Ensuring Data Portability Closely related to interoperability is the question of data portability that is, users being able to move data (or even complete application stacks) easily among cloud providers. Many users express the fear of being locked in to a single cloud provider if it turns out to be inefficient, time consuming, expensive or impossible to transfer data to a different cloud, or back to their premises. Government stakeholders are also concerned about portability from the perspective of encouraging competition and building systemic resilience. However, as with interoperability, industry stakeholders are concerned that an excessive focus on ensuring data portability will limit their incentive to innovate by making it harder for them to differentiate themselves through different architectures and offerings. Concerns about meta-data also complicate efforts to ensure data portability. Insufficient Reliability of Cloud Many users perceive that the reliability of cloud solutions is not yet sufficient for them to trust the cloud with their mission-critical needs. They are concerned about being alerted to planned downtime and having accurate reports about unplanned downtime; having access to their data slowed by other users creating contention for the provider s resources; and the need for backup strategies in the event of unanticipated crises or a provider going out of business. Industry stakeholders generally feel that, as the cloud matures, market mechanisms will evolve that allow users to assess providers reputation and reliability. Nonetheless, there is no consensus among cloud providers on how much information about their reliability they are willing to disclose, and government agencies are not satisfied with the status quo. Insufficient Commitments to Service Levels Related to reliability concerns, users note that the kind of SLAs (service level agreements) they rely on from providers of their on-premises IT solutions do not tend to be offered by cloud providers, or that what is offered is insufficient for important applications. Potential users of cloud computing are held back by the lack of clear commitments from providers on such issues as uptime, response times, bandwidth, reliability and security or by the lack of stipulated penalties if these commitments are not met. Users also note that the lack of standardized SLAs makes it difficult for them to compare competing services. There were, however, mixed views among industry stakeholders on the feasibility of working towards standardized SLAs, given the great diversity of architectures and users needs and circumstances. Relative Maturity of the Cloud Ecosystem While cloud services are evolving rapidly, many stakeholders express concern about the speed at which other necessary aspects of the ecosystem in which public clouds operate are evolving. Common concerns include: The still-widespread lack of understanding about cloud, as potential users do not feel sufficiently informed about the risks and benefits and are nervous about committing to relatively new business models such as pay-as-you-go access to IT Future speed, reliability and global availability of the network access required to use public clouds Availability of expertise, as there are still relatively few IT professionals globally who are trained to architect cloud solutions Current underdevelopment of insurance solutions, which could protect users against problems with the cloud Threats to intellectual property from using cloud solutions outside a firewall, as more information and approaches to running a business are externally exposed 10

14 The Cloud in Context: Geopolitics and Economics Some of the fundamental issues identified by the project illustrate how sensitive and complex cloud technologies have become at this relatively early stage in their development. Many stakeholders are concerned by the current dominance of cloud providers based in the United States, because of the potential loss of competitiveness and decreased ability to influence how the cloud operates. This may explain the development of individual clouds in countries such as China. Some officials are worried that jobs may be lost in private data centres as companies move to the cloud, although most stakeholders agree that, in the longer term, the cloud s net effect on jobs is likely to be positive. The skills issue also comes into play a country s capacity for innovation could be compromised if its citizens are not sufficiently aware of how to utilize cloud technologies, especially if no local cloud providers exist and if local R&D is limited. There are also questions about whether national identities, autonomy and sovereignty could be compromised if firms increasingly rely on the same few foreign cloud providers. This reliance is seen by some as potentially a new form of colonization. Finally, it is still far from clear how principles of free trade should be applied in the cloud whether countries that host cloud data centres have an obligation to provide open access to these centres to customers from other countries, under what terms and with what protections. Figure 4. Key topics that emerged at the 2010 workshops Brussels Economic and social impacts of cloud Interoperability and vendor lock-in 3rd party validation & certification Secure access & network security Industry-led standardization Growth-enhancing initiatives Clarify (roles, relationships, data location and ownership of data) Clarification on application of regulation Data privacy & confidentiality Washington, DC Education & awareness raising Government access to data Interoperability & portability "Privacy by Design" R&D needs Quantifying ROI Harmonization & Transparency Addressing risk India Economically sensible cloud models Government-Industry partnership Government incentive Enabling cost (e.g. Infrastructure, utility) of delivery in emerging markets Compliance with int'l regulations on data Social change India's youth Lower concerns about data sensitivity Focus on small, micro businesses U.K. Macro-regulatory framework Transparency & trust Co-regulation model Integrity & reliability Accountability Concrete security measures Interoperability & portability Number of actors 11

15 12

16 What to Do Now? Eight Action Areas Working from the major issues described in the previous section, the project set out to develop recommendations and identify actions that governments and industry can undertake to accelerate the deployment and adoption of public cloud technologies. While the underlying issues are complex and contentious, eight critical action areas were selected by government representatives and companies including many of the largest cloud providers and regulators from Europe and North America and then confirmed in the private session about cloud computing held during the World Economic Forum Annual Meeting Explore and facilitate the realization of the benefits of cloud 2. Advance understanding and management of cloudrelated risks 3. Promote service transparency 4. Clarify and enhance accountability across all relevant parties 5. Ensure data portability 6. Facilitate interoperability 7. Accelerate adaptation and harmonization of regulatory frameworks related to cloud 8. Provide sufficient network connectivity to cloud services As described below, these action areas are put forward as a charter for further engagement among key stakeholders. They are intended to form a cohesive agenda, bringing together several areas in which there are existing but disparate initiatives. We hope this step will lead to industry and government collaboration to further define and implement the necessary actions to move the agenda forward and accelerate the uptake of cloud technologies. 1. Explore and Facilitate the Realization of the Benefits of Cloud Cloud ecosystem participants should dedicate additional resources to understanding the benefits of cloud and accelerating the adoption of innovative applications of cloud technology. Topics include product and process innovation and job creation, collaboration, broad delivery of IP, government effectiveness and efficiency, and other economic benefits. Underlying many of the issues discussed in the previous section is a sense that the benefits of cloud computing beyond those related to IT efficiencies are not well understood. This manifests itself as a problem in two main ways. First, users may be held back from moving to the cloud if they perceive the risks more clearly than the benefits. Second, regulators find it hard to make balanced decisions that are in line with the European legal principle of proportionality if they lack a clear sense of how their decisions could potentially impact the macroeconomic and societal benefits of the cloud as well as the risks. The principle of proportionality argues, among other provisions, that regulation should detract as little as possible from the benefits of what is being regulated. It is normal enough for any new technology that independent, objective research on its benefits is difficult to find. However, a balanced view of the potential benefits is especially necessary for cloud, given the unique concerns it raises. It would be useful, for example, to have independent and objective research into the potential for cloud computing to facilitate collaboration among multiple and diverse participants in industries such as healthcare, education and complex supply chains, or to deliver cross-border protection of intellectual property rights. In particular, it has been expected for some time that cloud would significantly advance healthcare and education, and it is important to understand why this has not yet happened. During the past decade, there has been extensive research on the benefits of broadband, particularly its ability to accelerate GNP growth. This may provide a model for similar research into the cloud, given its complementarity with broadband access. Such research should focus on the potential for job creation (and loss), looking especially at how small and medium-sized businesses could benefit from access to best in class computing solutions. 13

17 2. Advance Understanding and Management of Cloud-related Risks Relevant stakeholders (providers and government) should encourage research into the unique risk drivers in cloud computing and identify potential solutions. The flipside of clearly understanding the potential benefits of cloud is ensuring that perceptions of risk are also grounded in reality. It is arguable that several of the stakeholder concerns described in the previous section apply just as much to the public Internet as to the cloud, where data centres may be protected by security mechanisms that are so sophisticated they actually reduce risk rather than exacerbate it. If concerns are indeed overstated, the development of the cloud would be needlessly held back. For the moment, However, authoritative research there is very little is lacking on how serious the information on what risks are for different types of is going on behind applications and data; how well they can be managed; the scenes in terms of and how they relate to broader security management global risks such as political in the cloud. issues affecting the movement Industry Participant, of information across borders. London Workshop, Collaboration among industry December 2010 and regulators on conducting and publicizing such research could educate and reassure users, and help to ensure that government regulation is appropriately targeted. Risk mitigation strategies need to address the different risk profiles of different types of data, such as personal data and trade secrets. Innovative approaches to managing risk could include industry players developing codes of conduct and mutual assistance schemes whereby providers agree to assume responsibility for each other s service commitments in the event of outages or breaches. A better understanding of risks would also facilitate the development of nascent cloud insurance models to offer compensation to customers in the event of losses caused by the cloud. 3. Promote Service Transparency Providers of cloud services should make available to customers information about how their services are provided and how they perform. This includes letting customers know how data is secured, where data is stored and/or what jurisdictional provisions apply, how and by whom it can be accessed, and how it can be deleted. In addition to further research into the benefits and risks, greater transparency (i.e. public disclosure) about cloud computing would go a long way towards addressing many of the stakeholder issues detailed above notably privacy and confidentiality, data ownership, security, liability and reliability. Clearer and more easily accessible information about cloud service delivery models and offers would accelerate the development of the market by improving levels of user trust and facilitating the creation of aggregated services provided by multiple providers. Greater transparency should also reduce the risk of excessive regulation that could hinder the industry s evolution. Government stakeholders indicate that as more consistent and comparable information on cloud performance and security becomes available to customers, the less they will be concerned about the need to protect less-sophisticated customers through regulation. There is an opportunity for cloud providers to take the lead on transparency through developing codes based on shared good practices. Efforts to improve and standardize reporting are underway, and there is scope for them to be consolidated. Voluntary certification schemes could also play a role, with cloud There is a need to be transparent with regard to roles, relationships, locations and ownership of data. Industry Participant, Brussels Workshop, May 2010 Transparency is one of the key requirements: we need to learn to trust cloud services. Industry Participant, London Workshop, December 2010 providers asking a third party agency to audit, certify or rate them. Such a move could help to build trust in the cloud and reduce the need for further regulation. 14

18 4. Clarify and Enhance Accountability across All Relevant Parties Industry, regulatory bodies and third parties should collaborate to create and implement more consistent and comprehensive approaches to accountability for how cloud services are provided. Complementing greater transparency, greater clarity about accountability would accelerate uptake of cloud computing among potential users, who are currently reluctant to entrust missioncritical services to the cloud. Users want to know who is accountable if service levels are unsatisfactory, if they are unable to access data they put in the cloud or if it is accessed by unauthorized persons or government agencies. In particular, users want clarity about accountability for service delivery in situations where providers leverage sub-contractors, get acquired or go out of business. Efforts to clarify accountability for legal compliance such as the development of data privacy and security compliance programmes by cloud users or providers are hindered by unclear and sometimes inconsistent regulation. It is therefore important to achieve clarity on whether cloud providers are considered data processors or data controllers, what the respective obligations of both parties are, and which country s laws apply to data when a cloud provider has data centres in multiple jurisdictions. Possible technology approaches to the third point include tagging data with a specific jurisdiction code or encrypting all data before it moves to the cloud (although this is expensive and not foolproof). As with transparency, government stakeholders indicate that voluntary industry moves to clarify accountability and establish corporate compliance programmes could reduce the need for regulatory intervention. There is an opportunity for third-party certification schemes to play an important role, and potential for further industry involvement in existing initiatives such as the Data Privacy Accountability Model, Privacy-by-Design and Binding Corporate Rules. Industry players and government stakeholders need to agree on the extent to which it is possible to establish general principles regarding accountability, as some cloud providers expressed the view that accountability needs to be negotiated only with individual clients. 5. Ensure Data Portability Cloud service providers should provide ways for users to easily retrieve data they have input to clouds, without an onerous fee and in a timely manner. The fear of vendor lock-in holds back many potential users of cloud, while many government stakeholders are concerned about maintaining competitiveness in the cloud market. These concerns are lessened if it becomes quicker, easier and cheaper for users to move data, and perhaps applications, between different cloud providers and between user premises and the cloud. Users should be aware, however, that due to economies of scale in the cloud and particular cloud architectures, it may be economically infeasible to roll back from the cloud to an on-premises solution. There is potential to achieve greater consistency and rationalization in the data portability standards currently being advanced by multiple bodies, including the Distributed Management Task Force; over time, the ambition could be to develop minimum portability standards and common approaches for all cloud providers. Governments have a role in minimizing any regulatory barriers that are faced by efforts to standardize portability. Work on facilitating data portability also needs to be aligned with work on common approaches to data ownership and protection, law enforcement access and liability. Providing meta-data and context information, in addition to the actual data entered, can significantly increase the options available to customers. 15

19 Additional Action Areas In addition to the eight action areas detailed in this report, several additional actions were discussed but did not receive sufficiently widespread support to be included in the final list of action areas. These are: Foster education for cloud users Governments, the cloud computing industry (and other industries that can benefit from cloud), academia and institutions of higher education, and small businesses share an interest in fostering education and awareness among potential users of cloud services on ways to leverage cloud technologies. Use cases could illustrate more complex scenarios. Familiarizing labour pools with cloud technologies should enhance national economic competitiveness by ensuring that industries that stand to benefit from the cloud do not fall behind in taking advantage of it. Promote R&D for privacy and security enhancing technologies Providers of cloud services should collaborate with each other and with government stakeholders to invest in research to advance the protection of privacy for users through the reinforcement of existing procedures and creation of new architectures and systems. This applies in particular to identity and access management, data encryption, data deletion, and addressing causes of failure and security loopholes. Improve SLAs By working to evolve clearer and more standardized service level agreements, industry players can address user concerns about being unable to make informed decisions. As governments are also concerned that users of cloud should be able to understand and take responsibility for their choices, industry action could pre-empt regulatory intervention. More stringent SLAs will also allay user concerns about entrusting mission-critical solutions to the cloud. Adopt Cloud Governments can continue to support the use of public cloud and play a significant role in the general adoption of cloud by driving the need for industry to create government-ready solutions. The adoption of cloud by governments also increases user confidence and may facilitate regulatory processes and harmonization. For example, US Federal Chief Information Officer Vivek Kundra has released the Federal Cloud Computing Strategy in 2011, which calls for about one-quarter of federal IT spending, or US$ 20 billion, to be committed to cloud systems. Additionally, under the US Cloud First programme, agencies will be required to move three services to the cloud within 18 months; adopt a cloud model wherever feasible; and evaluate cloud options before making investments. Pursue new approaches to regulatory harmonization Additional suggestions mentioned in this context that did not achieve broad agreement, included: Adapt WTO frameworks to create a cloud trade body to address data policies and help stakeholders formulate and agree upon policies needed for digital services Create a broader, voluntary safe harbour programme with the understanding that, once a company commits to it, the commitment will be legally binding Create a Cyberpol or world court that would act as a central, global body to pursue non-compliant providers, criminals and, possibly, rogue states 16

20 6. Facilitate Interoperability 7. Accelerate Adaptation and Harmonization of Regulatory Frameworks Related to Cloud Industry players should pursue the evolution of cloud offerings with the goal of facilitating interoperability among multiple (private and public) clouds. This will accelerate the growth of the overall cloud ecosystem. There has been notable progress recently in developing offerings that allow users to customize their own solutions by simultaneously using services from multiple cloud providers. As with data portability, every step towards greater interoperability helps to address stakeholder concerns about competitiveness and lock-in. It may also accelerate innovation and help address challenges related to data privacy and security. As the cloud industry matures over the coming years, interoperability will need to be accompanied by the evolution of clear accountability frameworks, commitments to commonly defined service levels and broad adoption of standards. Large industry players, including savvy and demanding customers such as governments, can help accelerate this maturation process for example, through encouraging visible research and pilot projects. Fostering cloud interoperability will also likely extend to a broad range of ecosystem players, including providers of connectivity and application developers, who will need to adopt relevant architectures and provide enabling services such as highly reliable cross-cloud connectivity. Governments worldwide should adapt and harmonize regulations relevant to cloud with the aim of improving their applicability and reducing divergence across jurisdictions, while considering the maturity of the overall industry. There is widespread frustration among stakeholders about the regulatory environment for cloud computing, especially in the areas of data privacy and security. Regulations are often inconsistent, conflicting and difficult to apply for users and providers operating globally. This holds back users from moving to the cloud, as they fear regulatory provisions are insufficient to protect their data from being unduly accessed by law enforcement or retained by providers. And when regulations effectively force data to remain within national borders either directly by imposing restrictions on data transfers outside the jurisdiction, or indirectly through a lack of cross-jurisdictional alignment they hold back cloud providers from realizing improvements that come from achieving scale through multiple locations. As a long-term goal, governments may wish to explore a macro-regulatory framework that will be more adept at keeping pace with rapid technological change. Options include a co-regulation approach, whereby industry takes the lead in identifying necessary provisions and governments take a policy and oversight role. This would imply Industry could take the initiative for a cloud code of conduct and regulators could then review it. Government Representative, World Economic Forum Annual Meeting 2011 achieving a harmonized approach to the underlying principles that guide regulation, which currently differ among jurisdictions notably through the US s sectoral approach to data privacy regulation and the EU s more universal one. Minimum regulatory standards are not a solution they are often not sufficient to reduce complexity, as they do not stop countries from introducing additional provisions. 17 As a step in this direction, governments should continue to dialogue with providers to better understand the impact of regulatory interventions. Data protection authorities can play an important role in interpreting and harmonizing legal frameworks to more effectively meet user and provider needs for clearly understandable and authoritative guidance about their respective responsibilities, the protections accorded to them, and the recourse available in the event of breaches.

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD

More information

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions.

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions. 4 External influences PESTLE Analysis A PESTLE analysis is a useful tool to support the investigation and decision process relating to cloud services. PESTLE in general covers Political, Economic, Social,

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

The NREN s core activities are in providing network and associated services to its user community that usually comprises:

The NREN s core activities are in providing network and associated services to its user community that usually comprises: 3 NREN and its Users The NREN s core activities are in providing network and associated services to its user community that usually comprises: Higher education institutions and possibly other levels of

More information

Is Cloud ERP Really Cheaper?

Is Cloud ERP Really Cheaper? Is Cloud ERP Really Cheaper? A Simple Guide to Understanding the Differences Between Cloud and On- Premise Distribution Software This guide attempts to outline all of the principal considerations that

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Adoption, Approaches & Attitudes

Adoption, Approaches & Attitudes Adoption, Approaches & Attitudes The Future of Cloud Computing in the Public and Private Sectors A Global Cloud Computing Study Sponsored by JUNE 2011 TABLE OF CONTENTS Executive Summary... 1 Methodology

More information

Privacy in the Cloud A Microsoft Perspective

Privacy in the Cloud A Microsoft Perspective A Microsoft Perspective November 2010 The information contained in this document represents the current view of Microsoft Corp. on the issues discussed as of the date of publication. Because Microsoft

More information

White paper Reaping Business Value from a Hybrid Cloud Strategy

White paper Reaping Business Value from a Hybrid Cloud Strategy White paper Fujitsu Hybrid Cloud Services White paper Reaping Business Value from a Hybrid Cloud Strategy How to embrace a hybrid cloud model to maximize the benefits of public and private cloud services

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

How to ensure control and security when moving to SaaS/cloud applications

How to ensure control and security when moving to SaaS/cloud applications How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk

More information

The Road to Convergence

The Road to Convergence A UBM TECHWEB WHITE PAPER SEPTEMBER 2012 The Road to Convergence Six keys to getting there with the most confidence and the least risk. Brought to you by The Road to Convergence Six keys to getting there

More information

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected

More information

Application of Data Protection Concepts to Cloud Computing

Application of Data Protection Concepts to Cloud Computing Application of Data Protection Concepts to Cloud Computing By Denitza Toptchiyska Abstract: The fast technological development and growing use of cloud computing services require implementation of effective

More information

A clearer view. Security, compliance, and the cloud

A clearer view. Security, compliance, and the cloud A clearer view Security, compliance, and the cloud 2 A Clearer View ecurñ This document examines the current regulatory climate around the cloud and explains what to look for from a security standpoint

More information

RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users

RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users August 19, 2012 Korean Communications Commission Via e-mail to: ycs@kcc.go.kr RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users Dear Director Yang:

More information

Why You Should Consider the Cloud

Why You Should Consider the Cloud INTERSYSTEMS WHITE PAPER Why You Should Consider the Cloud In 2014, we ll see every major player make big investments to scale up Cloud, mobile, and big data capabilities, and fiercely battle for the hearts

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

Why Join BSA? A Vital Resource for Software Companies. The many reasons why software companies join BSA OUR VALUE PROPOSITION

Why Join BSA? A Vital Resource for Software Companies. The many reasons why software companies join BSA OUR VALUE PROPOSITION Why Join BSA? The many reasons why software companies join BSA OUR VALUE PROPOSITION A membership in BSA The Software Alliance provides you a seat at the table with the world s leading software companies.

More information

Privacy in the Cloud Computing Era. A Microsoft Perspective

Privacy in the Cloud Computing Era. A Microsoft Perspective Privacy in the Cloud Computing Era A Microsoft Perspective November 2009 The information contained in this document represents the current view of Microsoft Corp. on the issues discussed as of the date

More information

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption Cloud Computing in Higher Education: A Guide to Evaluation and Adoption Executive Summary Public cloud computing delivering infrastructure, services, and software on demand through the network offers attractive

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

Exploring the Future of Cloud Computing:

Exploring the Future of Cloud Computing: Exploring the Future of Cloud Computing: Riding the Next Wave of Technology-Driven Transformation World Economic Forum In partnership with Accenture 2010 About this report This World Economic Forum report

More information

NETWORK SECURITY FOR SMALL AND MID-SIZE BUSINESSES

NETWORK SECURITY FOR SMALL AND MID-SIZE BUSINESSES NETWORK SECURITY FOR SMALL AND MID-SIZE BUSINESSES September, 2015 Derek E. Brink, CISSP, Vice President and Research Fellow IT Security and IT GRC Report Highlights p2 p4 p6 p7 SMBs need to adopt a strategy

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

Moving Network Management from OnSite to SaaS. Key Challenges and How NMSaaS Helps Solve Them

Moving Network Management from OnSite to SaaS. Key Challenges and How NMSaaS Helps Solve Them Moving Network Management from OnSite to SaaS Key Challenges and How NMSaaS Helps Solve Them Executive Summary In areas such as sales force automation and customer relationship management, cloud-based

More information

engagement will not only ensure the best possible law, but will also promote the law s successful implementation.

engagement will not only ensure the best possible law, but will also promote the law s successful implementation. US-China Business Council Comments on The Draft Cybersecurity Law On behalf of the approximately 210 members of the US-China Business Council (USCBC), we appreciate the opportunity to provide comments

More information

Managing business risk

Managing business risk Managing business risk What senior managers need to know about business continuity bell.ca/businesscontinuity Information and Communications Technology (ICT) has become more vital than ever to the success

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL 1. Definition of Cloud Computing In the public consultation, CNIL defined

More information

Benefits and risks of cloud computing

Benefits and risks of cloud computing Benefits and risks of cloud computing Stephen Turner Known-Quantity.com and Holy Family University ABSTRACT Cloud computing vendors maintain data away from the facilities of their customers. This is compelling

More information

HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA

HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA Executive Summary While a number of organizations are gaining experience and increased

More information

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me?

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? EUROPEAN COMMISSION MEMO Brussels, 27 September 2012 Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? See also IP/12/1025 What is Cloud Computing? Cloud

More information

Enterprise Data Protection

Enterprise Data Protection PGP White Paper June 2007 Enterprise Data Protection Version 1.0 PGP White Paper Enterprise Data Protection 2 Table of Contents EXECUTIVE SUMMARY...3 PROTECTING DATA EVERYWHERE IT GOES...4 THE EVOLUTION

More information

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and,

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and, Comments by Amcham India on draft Internet of Things (IoT) Policy released by the Department of Electronics & Information Technology (DeitY), on October 16, 2014 Standards The Draft IoT Policy already

More information

WhitePaper. Private Cloud Computing Essentials

WhitePaper. Private Cloud Computing Essentials Private Cloud Computing Essentials The 2X Private Cloud Computing Essentials This white paper contains a brief guide to Private Cloud Computing. Contents Introduction.... 3 About Private Cloud Computing....

More information

Moving Applications To Cloud

Moving Applications To Cloud Whitepaper Jaya Arvind Krishna Mandira Shah Determining and implementing an IT strategy for any enterprise involves deliberating if current or new applications can be offered via the Cloud. The purpose

More information

Managed Hosting: Best Practices to Support Education Strategy in the Career College Sector

Managed Hosting: Best Practices to Support Education Strategy in the Career College Sector Managed Hosting: Best Practices to Support Education Strategy in the Career College Sector Online learning is playing a critical role in the delivery of Teaching and Learning and the overall experience

More information

Secure Your Cloud and Outsourced Business with Privileged Identity Management

Secure Your Cloud and Outsourced Business with Privileged Identity Management Secure Your Cloud and Outsourced Business with Privileged Identity Management Table of Contents Executive Summary... 3 Understanding Privilege... 3 Do All Service Providers Get It?... 5 Managing Privilege

More information

Sytorus Information Security Assessment Overview

Sytorus Information Security Assessment Overview Sytorus Information Assessment Overview Contents Contents 2 Section 1: Our Understanding of the challenge 3 1 The Challenge 4 Section 2: IT-CMF 5 2 The IT-CMF 6 Section 3: Information Management (ISM)

More information

Can security conscious businesses really adopt the Cloud safely?

Can security conscious businesses really adopt the Cloud safely? Can security conscious businesses really adopt the Cloud safely? January 2014 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Executive overview The varied Cloud security landscape How risk assessment

More information

Without the need to purchase hardware, software licenses, or implementation services, an organization can deploy cloud computing rapidly.

Without the need to purchase hardware, software licenses, or implementation services, an organization can deploy cloud computing rapidly. This paper seeks to help in that process. It provides a high-level overview of cloud computing models (discussed previously), outlines some of the important benefits it could deliver to higher education,

More information

Cyber Security Recommendations October 29, 2002

Cyber Security Recommendations October 29, 2002 Cyber Security Recommendations October 29, 2002 Leading Co-Chair (Asia/Oceania) Co-Chair (Americas) Co-Chair (Europe/Africa) Dr. Hiroki Arakawa Executive Vice President NTT Data Corporation Richard Brown

More information

TOP 3. Reasons to Give Insiders a Unified Identity

TOP 3. Reasons to Give Insiders a Unified Identity TOP 3 Reasons to Give Insiders a Unified Identity Although much publicity around computer security points to hackers and other outside attacks, insider threats can be particularly insidious and dangerous,

More information

Testimony of Peter Allgeier President Coalition of Services Industries (CSI)

Testimony of Peter Allgeier President Coalition of Services Industries (CSI) Testimony of Peter Allgeier President Coalition of Services Industries (CSI) Hearing On International Data Flows: Promoting Digital Trade in the 21st Century House Committee on the Judiciary Subcommittee

More information

Benefits and risks of cloud computing

Benefits and risks of cloud computing Stephen Turner Known-Quantity.com and Holy Family University ABSTRACT Cloud computing vendors maintain data away from the facilities of their customers. This is compelling because it enables companies

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

Technology. Building Your Cloud Strategy with Accenture

Technology. Building Your Cloud Strategy with Accenture Technology Building Your Cloud Strategy with Accenture 2 Cloud computing, in its simplest form, allows companies to procure technology as services, including infrastructure, applications, platforms and

More information

What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS

What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS Table of Contents Cloud Adoption Drivers Key Capabilities and Technologies Usability and User Experience Security Technology Architecture

More information

An Evaluation Framework for Selecting an Enterprise Cloud Provider

An Evaluation Framework for Selecting an Enterprise Cloud Provider An Evaluation Framework for Selecting an Enterprise Cloud Provider WHITE PAPER This White Paper is intended for senior IT leaders of global enterprises considering a new cloud solution or expanding an

More information

Accenture Risk Management. Industry Report. Life Sciences

Accenture Risk Management. Industry Report. Life Sciences Accenture Risk Management Industry Report Life Sciences Risk management as a source of competitive advantage and high performance in the life sciences industry Risk management that enables long-term competitive

More information

A discussion on Does cloud computing payback? Another in Inecom s series of Insight white papers to help improve your business process

A discussion on Does cloud computing payback? Another in Inecom s series of Insight white papers to help improve your business process INSIGHTS A discussion on Does cloud computing payback? Another in Inecom s series of Insight white papers to help improve your business process One of the issues with discussing cloud solutions, is trying

More information

Software as a Service Offers Broadening Appeal for Small and Medium-Sized Discrete Manufacturers

Software as a Service Offers Broadening Appeal for Small and Medium-Sized Discrete Manufacturers Software as a Service Offers Broadening Appeal for Small and Medium-Sized Discrete Manufacturers WHITE PAPER Sponsored by: SAP Simon Ellis November 2010 IDC MANUFACTURING INSIGHTS OPINION Software as a

More information

Technology. Building Your Cloud Strategy with Accenture

Technology. Building Your Cloud Strategy with Accenture Technology Building Your Cloud Strategy with Accenture 2 Cloud computing, in its simplest form, allows companies to procure technology as services, including infrastructure, applications, platforms and

More information

Why cloud backup? Top 10 reasons

Why cloud backup? Top 10 reasons Why cloud backup? Top 10 reasons HP Autonomy solutions Table of contents 3 Achieve disaster recovery with secure offsite cloud backup 4 Free yourself from manual and complex tape backup tasks 4 Get predictable

More information

Eliminating End User and Application Downtime. Continuous Availability for your Business Applications

Eliminating End User and Application Downtime. Continuous Availability for your Business Applications Eliminating End User and Application Downtime Continuous Availability for your Business Applications March 2010 Table of Contents Introduction... 3 Availability vs. Ecosystem Availability... 3 Cost, Complexity,

More information

BACKUP IS DEAD: Introducing the Data Protection Lifecycle, a new paradigm for data protection and recovery WHITE PAPER

BACKUP IS DEAD: Introducing the Data Protection Lifecycle, a new paradigm for data protection and recovery WHITE PAPER BACKUP IS DEAD: Introducing the Data Protection Lifecycle, a new paradigm for data protection and recovery Despite decades of research and development into backup and data protection, enterprise customers

More information

Can Cloud Database PaaS Solutions Replace In-House Systems?

Can Cloud Database PaaS Solutions Replace In-House Systems? Can Cloud Database PaaS Solutions Replace In-House Systems? Abstract: With the advent of Platform-as-a-Service as a viable alternative to traditional database solutions, there is a great deal of interest

More information

Three secrets of UC success: culture, choice and the cloud.

Three secrets of UC success: culture, choice and the cloud. WHITEPAPER Three secrets of UC success: Beyond expectation. www.azzurricommunications.co.uk Introduction. Unified Communications (UC) brings together multiple real-time and offline communication tools

More information

Why you should ConsIder The Cloud

Why you should ConsIder The Cloud I N T E R S Y S T E M S D I S C U S S I O N P A P E R Why you should ConsIder The Cloud "In 2014, we' ll see every major player make big investments to scale up Cloud, mobile, and big data capabilities,

More information

The case for Application Delivery over Application Deployment

The case for Application Delivery over Application Deployment 01 Table of Contents Executive Summary... 3 The case for Application Delivery over Application Deployment... 4 Application Delivery Challenges and ADaaS... 5 Business Benefits of ADaaS... 6 Conclusion...

More information

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred

More information

Securing the Microsoft Cloud

Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed

More information

Cloud Computing and the Software Industry December 2009

Cloud Computing and the Software Industry December 2009 Cloud Computing and the Software Industry December 2009 In recent years, cloud computing has emerged as an important trend in information technology. As the world s foremost advocate for the software industry,

More information

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS. GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS. Cloud computing is as much a paradigm shift in data center and IT management as it is a culmination of IT s capacity to drive business

More information

Cloud security architecture

Cloud security architecture ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

The Evolution of Application Acceleration:

The Evolution of Application Acceleration: WHITE PAPER The Evolution of Application Acceleration: From Server Load Balancers to Application Delivery Controllers www.crescendonetworks.com Corporate Headquarters 6 Yoni Netanyahu Street Or-Yehuda

More information

The cloud - ULTIMATE GAME CHANGER ===========================================

The cloud - ULTIMATE GAME CHANGER =========================================== The cloud - ULTIMATE GAME CHANGER =========================================== When it comes to emerging technologies, there is one word that has drawn more controversy than others: The Cloud. With cloud

More information

A Guide to Common Cloud Security Concerns. Why You Can Stop Worrying and Start Benefiting from SaaS

A Guide to Common Cloud Security Concerns. Why You Can Stop Worrying and Start Benefiting from SaaS A Guide to Common Cloud Security Concerns Why You Can Stop Worrying and Start Benefiting from SaaS T he headlines read like a spy novel: Russian hackers access the President s email. A cyber attack on

More information

GETTING THE MOST FROM THE CLOUD. A White Paper presented by

GETTING THE MOST FROM THE CLOUD. A White Paper presented by GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are

More information

Reasons to Migrate to VMware vcloud Service Providers

Reasons to Migrate to VMware vcloud Service Providers The cloud market represents a critical arena in which alternate visions are competing to assert dominance. For example, one view is driven by the idea that cloud sprawl, unforeseen costs and IT s lack

More information

Optimizing the Data Center for Today s Federal Government

Optimizing the Data Center for Today s Federal Government WHITE PAPER: OPTIMIZING THE DATA CENTER FOR TODAY S FEDERAL......... GOVERNMENT............................... Optimizing the Data Center for Today s Federal Government Who should read this paper CIOs,

More information

A Close-up View of Microsoft Azure Adoption

A Close-up View of Microsoft Azure Adoption Cloud A Close-up View of Microsoft Azure Adoption Business Decision-Makers are Driving Cloud Trends Contents Introduction 3 Key Trends 4 Rates of evaluation and adoption of Azure are high 5 The business

More information

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who

More information

WHITE PAPER Risk, Cost and Quality: Key Factors for Outsourcing QA and Testing

WHITE PAPER Risk, Cost and Quality: Key Factors for Outsourcing QA and Testing WHITE PAPER Risk, Cost and Quality: Key Factors for Outsourcing QA and Testing In association with: TCS Marianne Kolding December 2012 Ed Cordin IDC OPINION IDC EMEA, 389 Chiswick High Road, London, W4

More information

WHITE PAPER. How to choose and implement your cloud strategy

WHITE PAPER. How to choose and implement your cloud strategy WHITE PAPER How to choose and implement your cloud strategy INTRODUCTION Cloud computing has the potential to tip strategic advantage away from large established enterprises toward SMBs or startup companies.

More information

Consumer Goods and Services

Consumer Goods and Services Accenture Risk Management Industry Report Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and

More information

Achieve the Five Holy Grails of Business with the Cloud

Achieve the Five Holy Grails of Business with the Cloud Achieve the Five Holy Grails of Business with the oip technology represents a radical shift in the traditional IT model, but like most game-changing developments, it s a simple idea that makes so much

More information

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1 CLOUD COMPUTING (outsourcing records storage) TATTA SRINIVASA RECORDS MANAGER 11 December 2013 TOWNSHIP OF KING TATTA 1 Cloud computing A style of computing where scalable and elasticity ITenabled capabilities

More information

Privacy and Data Protection

Privacy and Data Protection Hewlett-Packard Company 3000 Hanover Street Palo Alto, CA 94304 hp.com HP Policy Position Privacy and Data Protection Current Global State of Privacy and Data Protection The rapid expansion and pervasiveness

More information

Simplifying Human Resource Management

Simplifying Human Resource Management Simplifying Human Resource Management The Drive For Less Complexity And More Cost Control Executive Summary Today, there are Oracle Human Capital Management (HCM) solutions available to optimize every

More information

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS. GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS. Cloud computing is as much a paradigm shift in data center and IT management as it is a culmination of IT s capacity to drive business

More information

WHY CLOUD BACKUP: TOP 10 REASONS

WHY CLOUD BACKUP: TOP 10 REASONS WHITE PAPER DATA PROTECTION WHY CLOUD BACKUP: TOP 10 REASONS Contents REASON #1: Achieve disaster recovery with secure offsite cloud backup REASON #2: Freedom from manual and complex tape backup tasks

More information

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University. Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able

More information

WHITE PAPER. A Practical Guide to Choosing the Right Clouds Option and Storage Service Levels. www.earthlink.com

WHITE PAPER. A Practical Guide to Choosing the Right Clouds Option and Storage Service Levels. www.earthlink.com WHITE PAPER A Practical Guide to Choosing the Right Clouds Option and Storage Service Levels www.earthlink.com 1 Our job in IT is to provide technology frameworks and an operating model to facilitate but

More information

A COLLABORATIVE FRAMEWORK FOR GUIDING POST-MFA ACTIONS. MFA Forum

A COLLABORATIVE FRAMEWORK FOR GUIDING POST-MFA ACTIONS. MFA Forum FOR GUIDING POST-MFA ACTIONS MFA Forum March 2005 CONTENTS The Context... 1 The MFA Forum... 1 The Need for Action... 2 Shared Responsibilities... 3 Overarching Principles... 5 The Roles of Individual

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

Enterprise Collaboration: Avoiding the Productivity and Control Trade-Off

Enterprise Collaboration: Avoiding the Productivity and Control Trade-Off Enterprise Collaboration: Avoiding the Productivity and Control Trade-Off Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by Intralinks Enterprise Collaboration: Avoiding

More information

Solving for the Future: Addressing Major Societal Challenges Through Innovative Technology and Cloud Computing

Solving for the Future: Addressing Major Societal Challenges Through Innovative Technology and Cloud Computing Solving for the Future: Addressing Major Societal Challenges Through Innovative Technology and Cloud Computing As economic challenges persist in communities, nations, and regions around the world, the

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

More information

Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the protocol).

Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the protocol). Microsoft Submission to ACS Cloud Protocol Discussion Paper General Comments Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the

More information

Just Net Coalition statement on Internet governance

Just Net Coalition statement on Internet governance Just Net Coalition statement on Internet governance (Just Net Coalition is a global coalition of civil society actors working on Internet governance issues) All states should work together to provide a

More information

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved.

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved. THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from

More information

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents

More information

Securing Your Data In The Cloud: an insiders perspective

Securing Your Data In The Cloud: an insiders perspective Securing Your Data In The Cloud: an insiders perspective INTRODUCTION As the increasing use of cloud computing and other technologies is changing the world of data management, keeping your data private

More information