POWER PROTECT PROMOTE. Information Governance In The Cloud

Size: px
Start display at page:

Download "POWER PROTECT PROMOTE. Information Governance In The Cloud"

Transcription

1 Information Governance In The Cloud

2 Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions

3 Topics Cloud Characteristics And Risks Information Management In The Cloud Preservation And Spoliation In The Cloud Collection In The Cloud ediscovery In The Cloud Authentication Of Cloud Data End Of LifeCycle Disposition End Of Vendor Relationship Mitigating Risk

4 The Cloud Is Here To Stay It is estimated that the annual global market for cloud computing will be $95 billion by 2013* By 2020 more than a third of the digital universe will either live in or pass through the cloud ** * Rachael King, How Cloud Computing Is Changing the World, Business Week, Aug. 4, 2008 ** IDC May 2010

5 What Is The Cloud? Services Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Deployment Public Cloud Private Cloud Community Cloud Hybrid Cloud

6 Essential Characteristics Of Cloud Services On Demand Self Service Broad Network Access Measured Service Resource Pooling Rapid Elasticity

7 Cloud Benefits Cost Savings Pay as you go Pay for service; No hardware costs Risk of hardware or software loss shared (cost and down time) Scalability Elasticity Application Development Low Cost Experimentation Potential Compliance and Security benefits

8 Cloud Risks Access Security Location Segregation Spoliation Service (export, analytics, costs, backup and recovery) Ownership Privacy Integrity Authentication Vendor Continuity

9 What Is Different About The Cloud? Service Location Access Security Possession, Custody and Control

10 Are Corporate Obligations Different In The Cloud? Obligations remain the same: Storing data in the cloud does not relieve the organization of the responsibility for protection, management or retention of its data

11 Are Retention And Business Practices In The Cloud Different Than What We Do Now? No they are the same The more things change, the more they stay the same. Alphonse Karr GARP Risk Management EDRM and Discovery Processes Location Access and Security Possession, Custody and Control

12 Generally Accepted Recordkeeping Principles = GARP Accountability Transparency Integrity Protection Compliance Availability Retention Disposition

13 GARP Maturity Model A Qualitative and Quantitative Measurement by Principle Average Across All Principles Rating and Evaluation of an Organization s Overall Information Governance

14 GARP Maturity Model Five levels Less than 5 may be acceptable because of Organizational risk tolerance As measured against competitors GARP Maturity Level Color Status 5 GREEN 4 BLUE 3 AMBER 2 ORANGE 1 RED

15 Electronic Discovery Reference Model

16 Information Management In The Cloud Risks Access Security Privacy Location

17 Information Management In The Cloud Risk Mitigation Capture sufficient data when information created to govern it Handle information in compliance with reasonable, defensible, and auditable protocols: GARP Establish clear rules and privacy expectations for use, access and security of systems, including social networking sites - Not just perimeter security Work with the cloud provider to ensure information governance compliance Verify and limit data location

18 Preservation And Spoliation In The Cloud Risks Segregation/Identification Can cloud data be linked back to a custodian? Preservation Will the vendor comply with a legal hold, and how? Access Can you preserve on multi-user servers? Location Where is the data?

19 Preservation And Spoliation In The Cloud Risk Mitigation Information Management (GARP ) How information created, stored and removed from cloud - Metadata - Segregation/commingling Understand how vendor conducts backup and recovery In Agreement - Legal Hold Protocols: how will vendor will comply with legal hold - Access rights for preservation - Limit data storage locations - Limit or prohibit subcontracting by the cloud provider - Allocation of liability for loss

20 Collection In The Cloud Risks Segregation/Identification Access Export Options Costs

21 Collection In The Cloud Risk Mitigation Vendor Analytic Tools Metadata Access Rights for collection or forensic collection In Agreement - Export Options - Analytic Options - Cost Options

22 ediscovery In The Cloud Scenarios Discovery requests or third party Subpoenas to the entity Subpoenas to the third party cloud provider

23 ediscovery In The Cloud Risks Possession, custody and control - Who controls the data if a third party is hosting it? - Complicated by deployment models of cloud computing the more third parties involved (through subcontracts, public cloud, etc.), the more complicated ownership gets

24 ediscovery In The Cloud Risk Mitigation In Agreement - Ownership - Access - Notice Obligation - Steps provider will take in response to subpoena - Cost Apportionment - Allocation of liability for wrongful disclosure

25 Authentication Of Cloud Data Risk Mitigation Chain of Custody - Can vendor track creation, modification and access to your information contemporaneously through lifecycle - System and Access Logs - In Agreement

26 Is This The End? End of Information LifeCycle in the Cloud Disposition options: transfer, destruction Most vendors are not focused on disposition they are more likely to recover deleted items than to prove something was permanently deleted End of Relationship with your Cloud Vendor? What are the obligations for returning data upon termination, or if the vendor goes out of business?

27 Risk Mitigation At The End Risk Mitigation In Agreement - Data Disposition Protocols - Data Transfer and Ownership - Agree on fees for data transfer and disposition

28 Risk Mitigation Summary Outline Risks Weigh Risk vs. Reward Investigate Provider Audit Practices Include Important Issues in the Vendor Agreement Consult with Counsel Consult Relevant Guidelines

29 Questions

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1 CLOUD COMPUTING (outsourcing records storage) TATTA SRINIVASA RECORDS MANAGER 11 December 2013 TOWNSHIP OF KING TATTA 1 Cloud computing A style of computing where scalable and elasticity ITenabled capabilities

More information

Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach

Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach Patricia C. Franks, PhD, IGP, CA, CRM International Symposium October 17, 2014 to mitigate risk Not all information

More information

THIS WEBCAST WILL BEGIN SHORTLY

THIS WEBCAST WILL BEGIN SHORTLY If you have any technical problems with the Webcast or the streaming audio, please contact us via email at: webcast@acc.com Thank You! THIS WEBCAST WILL BEGIN SHORTLY Cloud-Based vs. On-Premise ediscovery

More information

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP ) The Electronic Discovery Reference Model (EDRM) How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP ) December 2011

More information

Information Technology: This Year s Hot Issue - Cloud Computing

Information Technology: This Year s Hot Issue - Cloud Computing Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.

More information

IT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management

IT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management IT Forum 2-11-2013 UW-Madison Records Management Program Records facilitate and sustaining day-to-day university operations. Records support organizational activities such as student admissions, research

More information

Generally Accepted Recordkeeping Principles How Does Your Program Measure Up?

Generally Accepted Recordkeeping Principles How Does Your Program Measure Up? Generally Accepted Recordkeeping Principles How Does Your Program Measure Up? GARP Overview Creation Purpose GARP Overview Creation About ARMA International and the Generally Accepted Recordkeeping Principles

More information

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities

More information

Retention & Disposition in the Cloud Do you really have control?

Retention & Disposition in the Cloud Do you really have control? InterPARES Trust Retention & Disposition in the Cloud Do you really have control? Franks Patricia, San Jose State University, San Jose, USA and Alan Doyle, University of British Columbia, Canada October

More information

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs What We ll Cover Foundations of Records and Information Management Creating a Defensible Retention Schedule Paper v. Electronic Records Organization and Retrieval of Records and Information Records Management

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Electronic Records Storage Options and Overview

Electronic Records Storage Options and Overview Electronic Records Storage Options and Overview www.archives.nysed.gov Objectives Understand the options for electronic records storage, including cloud-based storage Evaluate the options best suited for

More information

UNIVERSITY OF MANITOBA PROCEDURE

UNIVERSITY OF MANITOBA PROCEDURE UNIVERSITY OF MANITOBA PROCEDURE Procedure: Parent Policy: Effective Date: June 23, 2015 Revised Date: Review Date: June 23, 2025 Approving Body: Authority: Responsible Executive Officer: Delegate: Contact:

More information

3 "C" Words You Need to Know: Custody - Control - Cloud

3 C Words You Need to Know: Custody - Control - Cloud 3 "C" Words You Need to Know: Custody - Control - Cloud James Christiansen Chief Information Security Officer Evantix, Inc. Bradley Schaufenbuel Director of Information Security Midland States Bank Session

More information

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston Protecting Official Records as Evidence in the Cloud Environment Anne Thurston Introduction In a cloud computing environment, government records are held in virtual storage. A service provider looks after

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Key Considerations of Regulatory Compliance in the Public Cloud

Key Considerations of Regulatory Compliance in the Public Cloud Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER The IT Manager's Role in Proactive Information Retention and Disposition Management: Balancing ediscovery and Compliance Obligations with IT Operational and Budget Constraints Sponsored by:

More information

Storage Clouds. Karthik Ramarao. Director of Strategy and Technology and CTO Asia Pacific, NetApp Board Director SNIA South Asia

Storage Clouds. Karthik Ramarao. Director of Strategy and Technology and CTO Asia Pacific, NetApp Board Director SNIA South Asia Deploying PRESENTATION Public, TITLE Private, GOES HERE and Hybrid Storage Clouds Karthik Ramarao Director of Strategy and Technology and CTO Asia Pacific, NetApp Board Director SNIA South Asia SNIA Legal

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

The Keys to the Cloud: The Essentials of Cloud Contracting

The Keys to the Cloud: The Essentials of Cloud Contracting The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb

More information

Guideline for Outsourcing Records Storage to the Cloud

Guideline for Outsourcing Records Storage to the Cloud A R M A I N T E R N A T I O N A L Guideline for Outsourcing Records Storage to the Cloud Guideline for Outsourcing Records Storage to the Cloud An ARMA International Guideline Consulting Editor: Cynthia

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

In ediscovery and Litigation Support Repositories MPeterson, June 2009

In ediscovery and Litigation Support Repositories MPeterson, June 2009 XAM PRESENTATION (extensible TITLE Access GOES Method) HERE In ediscovery and Litigation Support Repositories MPeterson, June 2009 Contents XAM Introduction XAM Value Propositions XAM Use Cases Digital

More information

What s the Path? Information Life-cycle part of Vendor Management

What s the Path? Information Life-cycle part of Vendor Management Disclaimer The materials provided in this presentation and any comments or information provided by the presenter are for educational purposes only and nothing conveyed or provided should be considered

More information

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division Jason R. Baron Director of Litigation National Archives and Records Administration 1 Overview Cloud Computing Defined

More information

Fundamental Concepts and Models

Fundamental Concepts and Models Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

NightOwlDiscovery. EnCase Enterprise/ ediscovery Strategic Consulting Services

NightOwlDiscovery. EnCase Enterprise/ ediscovery Strategic Consulting Services EnCase Enterprise/ ediscovery Strategic Consulting EnCase customers now have a trusted expert advisor to meet their discovery goals. NightOwl Discovery offers complete support for the EnCase Enterprise

More information

A United States Based Telecommunications Firm Employs FTI Harvester to Address ediscovery Challenges in Microsoft SharePoint

A United States Based Telecommunications Firm Employs FTI Harvester to Address ediscovery Challenges in Microsoft SharePoint BUYER CASE STUDY A United States Based Telecommunications Firm Employs FTI Harvester to Address ediscovery Challenges in Microsoft SharePoint Vivian Tero IDC OPINION Global Headquarters: 5 Speen Street

More information

KEY TERMS FOR SERVICE LEVEL AGREEMENTS TO SUPPORT CLOUD FORENSICS

KEY TERMS FOR SERVICE LEVEL AGREEMENTS TO SUPPORT CLOUD FORENSICS Chapter 12 KEY TERMS FOR SERVICE LEVEL AGREEMENTS TO SUPPORT CLOUD FORENSICS Keyun Ruan, Joshua James, Joe Carthy and Tahar Kechadi Abstract As the adoption of cloud services increases, the importance

More information

LEGAL ISSUES IN CLOUD COMPUTING

LEGAL ISSUES IN CLOUD COMPUTING LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

A CommVault Business-Value White Paper Understanding and Mitigating the Legal Risks of Cloud Computing

A CommVault Business-Value White Paper Understanding and Mitigating the Legal Risks of Cloud Computing A CommVault Business-Value White Paper Understanding and Mitigating the Legal Risks of Cloud Computing Shannon Smith, Esq., ediscovery and Archiving Specialist for CommVault Systems Bennett B. Borden,

More information

Review of Cloud Risks: What if

Review of Cloud Risks: What if Review of Cloud Risks: What if Availability of Data Ownership of Data Security of Information Privacy Controls there is no way to prevent Twitter from sharing your data (like when & where you tweeted from)

More information

Fundamentals of Information Governance:

Fundamentals of Information Governance: Fundamentals of Information Governance: More than just records management PETER KURILECZ CRM CA IGP Hard as I try, I simply cannot make myself understand how Information Governance isn t just a different

More information

Cloud Computing. What is Cloud Computing?

Cloud Computing. What is Cloud Computing? Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited

More information

BDO CONSULTING FORENSIC TECHNOLOGY SERVICES

BDO CONSULTING FORENSIC TECHNOLOGY SERVICES BDO CONSULTING FORENSIC TECHNOLOGY SERVICES MARCH 2013 AGENDA Introduction About BDO Consulting Computer Forensics & E-Discovery Practice Current Trends Case Studies Q&A Page 2 Michael Barba Managing Director,

More information

Cloud Security and Privacy

Cloud Security and Privacy Cloud Security and Privacy Tim Brown Vice President and Chief Architect Security Management CA, Inc. July 2009 Agenda > The Evolution to Cloud computing > Opportunities for the Customer and the Vendor

More information

How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015

How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 How Microsoft is taking Privacy by Design to Work Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 Agenda Introducing the New Microsoft Microsoft privacy principle Protecting privacy

More information

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential

More information

Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY

Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY 2016 CLM Annual Conference April 6-8, 2016 Orlando, FL Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY Understanding e-discovery definitions and concepts is critical to working with vendors,

More information

Private vs. Public Cloud Solutions

Private vs. Public Cloud Solutions Private vs. Public Cloud Solutions Selecting the right cloud technology to fit your organization Introduction As cloud storage evolves, different cloud solutions have emerged. Our first cloud whitepaper

More information

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com SECURING HEALTH INFORMATION IN THE CLOUD Feisal Nanji, Executive Director, Techumen feisal@techumen.com Conflict of Interest Disclosure Feisal Nanji, MPP, CISSP Has no real or apparent conflicts of interest

More information

Cloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs

Cloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Cloud Computing In a Post Snowden World Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Guy Wiggins Director of Practice Management Kelley Drye & Warren

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

Todd Heythaler Information Governance & ediscovery. Emerging Technologies Work Group

Todd Heythaler Information Governance & ediscovery. Emerging Technologies Work Group Todd Heythaler Information Governance & ediscovery Trends & Landscapes State & Local Government Challenges Approach to ediscovery & FOIL requests Getting Started Trends & Landscape Requests for Information

More information

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012 A COALFIRE PERSPECTIVE Moving to the Cloud A Summary of Considerations for Implementing Cloud Migration Plans into New Business Platforms NCHELP Spring Convention Panel May 2012 DALLAS DENVER LOS ANGELES

More information

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division Benjamin Young, Assistant General Counsel U.S. Department of Agriculture 1 Disclaimer The views expressed in this presentation

More information

R Scott Murchison CRM

R Scott Murchison CRM R Scott Murchison CRM SVP Information Governance Service Kaizen InfoSource LLC Information Management s Impacts on Litigation and ediscovery Relationship of IM and Litigation Role of Information Manager

More information

Cloud Service Contracts: An Issue of Trust

Cloud Service Contracts: An Issue of Trust Cloud Service Contracts: An Issue of Trust Marie Demoulin Assistant Professor Université de Montréal École de Bibliothéconomie et des Sciences de l Information (EBSI) itrust 2d International Symposium,

More information

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material

More information

New Technologies and Information Governance: Everything you need to know and more. April 14, 2016 Galina Datskovsky, Ph.D., CRM CEO, Vaporstream

New Technologies and Information Governance: Everything you need to know and more. April 14, 2016 Galina Datskovsky, Ph.D., CRM CEO, Vaporstream New Technologies and Information Governance: Everything you need to know and more April 14, 2016 Galina Datskovsky, Ph.D., CRM CEO, Vaporstream About the speaker: Galina Datskovsky, Ph.D., CRM Dr. Galina

More information

When Security, Privacy and Forensics Meet in the Cloud

When Security, Privacy and Forensics Meet in the Cloud When Security, Privacy and Forensics Meet in the Cloud Dr. Michaela Iorga, Senior Security Technical Lead for Cloud Computing Co-Chair, Cloud Security WG Co-Chair, Cloud Forensics Science WG March 26,

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Cloud Computing Questions to Ask

Cloud Computing Questions to Ask Cloud Computing Questions to Ask Pursuant to the Federal Cloud Computing Strategy 1 and the Cloud First policy, agencies are required to evaluate safe, secure cloud computing options before making any

More information

NCTA Cloud Architecture

NCTA Cloud Architecture NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,

More information

Healthcare Data in the Cloud A Gathering Storm of Governance. Erik Pupo Senior Manager, Deloitte

Healthcare Data in the Cloud A Gathering Storm of Governance. Erik Pupo Senior Manager, Deloitte Healthcare Data in the Cloud A Gathering Storm of Governance Erik Pupo Senior Manager, Deloitte Objectives for this Webinar Explain what the healthcare cloud really means Highlight emerging challenges

More information

On Premise Vs Cloud: Selection Approach & Implementation Strategies

On Premise Vs Cloud: Selection Approach & Implementation Strategies On Premise Vs Cloud: Selection Approach & Implementation Strategies Session ID#:10143 Prepared by: Praveen Kumar Practice Manager AST Corporation @Praveenk74 REMINDER Check in on the COLLABORATE mobile

More information

Objectives. Agenda. Public clouds. A Primer on Moving to the Cloud HIPAA, Encryption, ediscovery, Oh My!

Objectives. Agenda. Public clouds. A Primer on Moving to the Cloud HIPAA, Encryption, ediscovery, Oh My! 1 Objectives A Primer on Moving to the Cloud HIPAA, Encryption, ediscovery, Oh My! Tatiana Melnik, Attorney April Sage, MHI, CPHIMS Describe the differences between public clouds, private clouds, and hybrid

More information

Hosted ediscovery: Adoption, Use, and Results. September, 2011

Hosted ediscovery: Adoption, Use, and Results. September, 2011 Hosted ediscovery: Adoption, Use, and Results September, 2011 SaaS is a Delivery Model Of Cloud Computing Attitudes About SaaS Are Still Evolving Legal Community Embracing SaaS In general, are you leaning

More information

Storage Clouds. Enterprise Architecture and the Cloud. Author and Presenter: Marty Stogsdill, Oracle

Storage Clouds. Enterprise Architecture and the Cloud. Author and Presenter: Marty Stogsdill, Oracle Deploying PRESENTATION Public, TITLE Private, GOES HERE and Hybrid Storage Clouds Enterprise Architecture and the Cloud Author and Presenter: Marty Stogsdill, Oracle SNIA Legal Notice The material contained

More information

Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. ediscovery for DUMMIES LAWYERS. MDLA TTS August 23, 2013

Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. ediscovery for DUMMIES LAWYERS. MDLA TTS August 23, 2013 MDLA TTS August 23, 2013 ediscovery for DUMMIES LAWYERS Kate Burke Mortensen, Esq. kburke@xactdatadiscovery.com Scott Polus, Director of Forensic Services spolus@xactdatadiscovery.com 1 Where Do I Start??

More information

Cloud Computing and Records Management

Cloud Computing and Records Management GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version

More information

Cloud Computing. Cloud computing:

Cloud Computing. Cloud computing: Cloud computing: Cloud Computing A model of data processing in which high scalability IT solutions are delivered to multiple users: as a service, on a mass scale, on the Internet. Network services offering:

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Data Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review

Data Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review Accelerate e-discovery and simplify review Overview provides IT/Legal liaisons, investigators, lawyers, paralegals and HR professionals the ability to search, preserve and review information across the

More information

Recommendations for companies planning to use Cloud computing services

Recommendations for companies planning to use Cloud computing services Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation

More information

Cloud Computing Security Issues

Cloud Computing Security Issues Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,

More information

Securing The Cloud With Confidence. Opinion Piece

Securing The Cloud With Confidence. Opinion Piece Securing The Cloud With Confidence Opinion Piece 1 Securing the cloud with confidence Contents Introduction 03 Don t outsource what you don t understand 03 Steps towards control 04 Due diligence 04 F-discovery

More information

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws Scott Bailey, CISM Christopher Sobota, J.D. Enterprise Risk Management Group Disclaimer This presentation is for informational

More information

and the world is built on information

and the world is built on information Let s Build a Smarter Planet Starting with a more dynamic and the world is built on information Guy England Storage sales manager CEEMEA englag@ae.ibm.com Tel: +971 50 55 77 614 IBM Building a Smarter

More information

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Presented by: Sabrina M. Segal, USITC, Counselor to the Inspector General, Sabrina.segal@usitc.gov Reference

More information

NAVIGATING THE MAZE. 2013 LEGAL CIO ROUNDTABLE RETREAT March 3-5, 2013 The Boulders Hotel Carefree, Arizona. 2013 CIO Roundtable Retreat

NAVIGATING THE MAZE. 2013 LEGAL CIO ROUNDTABLE RETREAT March 3-5, 2013 The Boulders Hotel Carefree, Arizona. 2013 CIO Roundtable Retreat NAVIGATING THE MAZE 2013 LEGAL CIO ROUNDTABLE RETREAT March 3-5, 2013 The Boulders Hotel Carefree, Arizona Information Governance Define your Process and Framework Agenda Information Governance Defined

More information

Cloud Computing: Implications and Guidelines for Records Management in Kentucky State Government

Cloud Computing: Implications and Guidelines for Records Management in Kentucky State Government Cloud Computing: Implications and Guidelines for Records Management in Kentucky State Government (Version 1.0 August 2012) Many information technology (IT) departments and resource allocators are considering

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

Top 10 Tips and Tools for Meeting Regulatory Requirements and Managing Cloud Computing Providers in the United States and Around the World

Top 10 Tips and Tools for Meeting Regulatory Requirements and Managing Cloud Computing Providers in the United States and Around the World Top 10 Tips and Tools for Meeting Regulatory Requirements and Managing Cloud Computing Providers in the United States and Around the World Web Hull Privacy, Data Protection, & Compliance Advisor Society

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Cloud Backup Recovery and Restore Requirements

Cloud Backup Recovery and Restore Requirements Cloud Backup Recovery and Restore Requirements Ashar Baig, Asigra Chairman, SNIA Cloud Backup Recovery and Restore (BURR) Special Interest Group (SIG) SNIA Legal Notice The material contained in this tutorial

More information

Information Management Advice 18 - Managing records in business systems Part 1: Checklist for decommissioning business systems

Information Management Advice 18 - Managing records in business systems Part 1: Checklist for decommissioning business systems Information Management Advice 18 - Managing records in business systems Part 1: Checklist for decommissioning business systems Introduction Agencies have systems which hold business information, such as

More information

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?

More information

Things You Need to Know About Cloud Backup

Things You Need to Know About Cloud Backup Things You Need to Know About Cloud Backup Over the last decade, cloud backup, recovery and restore (BURR) options have emerged as a secure, cost-effective and reliable method of safeguarding the increasing

More information

Best Practices in Electronic Record Retention

Best Practices in Electronic Record Retention I. Some Key Considerations In Whether To Engage An E-Discovery Vendor (Or Vendors) A. It is difficult to decide whether to retain a vendor if you don t know what your organization can do and at what cost.

More information

Information Governance Challenges and Solutions

Information Governance Challenges and Solutions Challenges and Solutions In this modern information age, organizations struggle with two things: the problem of too much electronic data and how to govern the data. Each year, the speed of information

More information

ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery. ZL TECHNOLOGIES White Paper

ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery. ZL TECHNOLOGIES White Paper ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery ZL TECHNOLOGIES White Paper PAGE 1 A project manager s guide to e-discovery In civil litigation, the parties in a dispute are required to provide

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

The Cloud Computing Revolution: Beyond the Hype

The Cloud Computing Revolution: Beyond the Hype The Cloud Computing Revolution: Beyond the Hype KEN ADLER Partner and Chair, Technology and Outsourcing Practice Group Loeb & Loeb LLP Outsourcing in Financial Services Program October 19, 2010 Overview

More information

Electronic Discovery How can I be prepared? September 2010

Electronic Discovery How can I be prepared? September 2010 Electronic Discovery How can I be prepared? September 2010 Presented by Brian Wilkinson, Director of ediscovery & Computer Forensics brian.wilkinson@us.pwc.com 410-659-3473 Table of Contents Page 1 Electronic

More information

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32

Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Security, Compliance & Risk Management for Cloud Relationships Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Introductions & Poll Organization is leveraging the Cloud? Organization

More information

Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken )

Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken ) 23.11.2015 Jan Philipp Manager, Cyber Risk Services Enterprise Architect Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken ) Purpose today Introduction» Who I am

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R L e v e r a g e R e c o r d s M a n a g e m e n t B e s t P r a c t i c e s t

More information

Architecting the Cloud

Architecting the Cloud Architecting the Cloud Sumanth Tarigopula Director, India Center, Best Shore Applications Services 2011Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without

More information

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week Cloud Security Panel: Real World GRC Experiences ISACA Atlanta s 2013 Annual Geek Week Agenda Introductions Recap: Overview of Cloud Computing and Why Auditors Should Care Reference Materials Panel/Questions

More information

Successful Implementation of Enterprise-Wide Information Governance

Successful Implementation of Enterprise-Wide Information Governance Successful Implementation of Enterprise-Wide Information Governance ARMA Austin Monthly Meeting November 13, 2014 TAD C. HOWINGTON, CRM, FAI Manager, E- Records and Information Governance Kinder- Morgan

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

BUSINESS MANAGEMENT SUPPORT

BUSINESS MANAGEMENT SUPPORT BUSINESS MANAGEMENT SUPPORT Business disadvantages using cloud computing? Author: Maikel Mardjan info@bm-support.org 2010 BM-Support.org Foundation. All rights reserved. EXECUTIVE SUMMARY Cloud computing

More information

Cloud Computing in a Regulated Environment

Cloud Computing in a Regulated Environment Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2

More information

As IDC looks back on ediscovery corporate technology priorities among the highly litigated industries in 2009, the following takeaways emerge:

As IDC looks back on ediscovery corporate technology priorities among the highly litigated industries in 2009, the following takeaways emerge: C U S T O M E R N E E D S A N D S T R A T E G I E S e D i s c o v e r y P r i o r i t i e s A m o n g C o r p o r a t i o n s f r o m H i g h l y R e g u l a t e d a n d L i t i g a t e d I n d u s t r

More information