CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1

Size: px
Start display at page:

Download "CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1"

Transcription

1 CLOUD COMPUTING (outsourcing records storage) TATTA SRINIVASA RECORDS MANAGER 11 December 2013 TOWNSHIP OF KING TATTA 1

2 Cloud computing A style of computing where scalable and elasticity ITenabled capabilities are delivered as a service to external customers using Internet technologies Cloud computing is a model for enabling convenient, on demand network access to a shared pool of configurable computing resources (e.g. network, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. 11 December 2013 TOWNSHIP OF KING TATTA 2

3 10 internet technologies 1. Video and Podcasting-YouTube, Teacher stube, EduTube etc. 2. Presentation tools-slideshare, Vuvox etc. 3. Collaboration & Brainstorming-Mindmap, Bubbl.us etc. 4. Blogs & Blogging-Blogger, Wordpress etc. 5. Wikis-Wetpaint etc. 6. Social Networking-Facebook, Myspace etc. 7. IM-Meebo etc. 8. Twitter 9. Virtual Worlds-Secondlife etc. 10. RSS Feeds 11 December 2013 TOWNSHIP OF KING TATTA 3

4 characteristics Scalability Elasticity Resource pooling Service 11 December 2013 TOWNSHIP OF KING TATTA 4

5 Cloud solutions Software as a Service (SaaS): The software is owned and/or managed remotely by one or more providers and accessed by users with web browsers over the internet. Software as a Service (SaaS) solutions generally use resource pooling and are often built on cloud infrastructure Hosted Applications: The application infrastructure is dedicated on an organization by organization basis 11 December 2013 TOWNSHIP OF KING TATTA 5

6 Cloud benefits Contd Benefits: Cost Savings It is a metered service (organization can often pay actual usage) Expenditures are operational and do not require all the cost to be spent up-front Scalability and elasticity- the needed capacity can expand and shrink, often on demand IT development costs can be eliminated as the application has already been developed Better cost control and faster implementation 11 December 2013 TOWNSHIP OF KING TATTA 6

7 Cloud benefits Value Creation Application development could be feasible if it done in the cloud Organization can launch new services for internal or external use and then increase or decrease scope as needed Since the capital outlay is zero Low cost experimentation and even project failure in a way that does not waste significant time and/or money Failing small in the cloud and learning from the experience can speed development cycles and increase efficiencies in future projects 11 December 2013 TOWNSHIP OF KING TATTA 7

8 Cloud risks Contd Need to be mitigated prior to outsourcing Accessibility Data security Data location Data segregation Data integrity Data ownership 11 December 2013 TOWNSHIP OF KING TATTA 8

9 Cloud risks Contd Need to be mitigated prior to outsourcing Accessibility Providers may state they have 24/7- no guarantee Find out what the provider is doing to prevent access outages, e.g. mirroring of servers at different locations, alternate internet routing outages, etc. 11 December 2013 TOWNSHIP OF KING TATTA 9

10 Cloud risks Contd Need to be mitigated prior to outsourcing Data Security- the security of the organization s data and access to the application is completely dependent on the service provider s policies, controls and staff Determine what these controls are and if they are as good as or better than internal controls would be Must have a protocol and agreement with the provider to lock down the data (initiate a legal hold) in the face of an obligation to preserve it to avoid spoliation issues and unwanted sanctions-legal documents 11 December 2013 TOWNSHIP OF KING TATTA 10

11 Cloud risks Contd Need to be mitigated prior to outsourcing Data Location- sharing resources can mean, in the worst case scenario The data and applications are not in a specific physically identifiable location (many cloud providers are global enterprises-have the ability to share resources and data in physical locations around the world) Strict data protection and privacy regulations forbidding data transfer beyond specific borders e.g. European Union Countries 11 December 2013 TOWNSHIP OF KING TATTA 11

12 Cloud risks Contd Need to be mitigated prior to outsourcing Data Segregation- When multiple organizations are sharing an application and resource e.g. the same server It is critical to know and understand the methods used to segregate and protect each organization s data from the others Commingling of data can make subsequent segregation problematic and confidential data could be inadvertently shared with others 11 December 2013 TOWNSHIP OF KING TATTA 12

13 Cloud risks Contd Need to be mitigated prior to outsourcing Data Integrity- Back up and recovery of the entire application, not jut the data, should be included in the provider s services. From records perspective, it is equally important that backup data is destroyed when required by retention schedules Audit trails are also needed to prove the integrity of electronic record s creation, change, and destruction 11 December 2013 TOWNSHIP OF KING TATTA 13

14 Cloud risks Need to be mitigated prior to outsourcing Data Ownership- Most organizations assume they own their data, but that is not always the case or not necessarily straight-forward. What if A contract canceled or not renewed, does the organization get its data back and how quickly? There is a contract dispute, can the service provider hold the organization s data hostage? The provider goes bankrupt or is acquired by another organization? Separating the data and the application, without application context, is the data still understandable or usable? 11 December 2013 TOWNSHIP OF KING TATTA 14

15 RETENTION AND DISPOSITION It does not relieve an organization of its information retention and management obligation Cloud service providers are focused on the storage and retrieval of information as needed for the particular application-not on records management Vendors may not familiar with records management standards and best practices Vendors will probably be more prepared to hold information indefinitely than to ensure its timely and permanent destruction 11 December 2013 TOWNSHIP OF KING TATTA 15

16 Technology issues Contd Application Interface to Records Management Virtual Storage Most of the organizations change from dedicated servers and repositories to virtualized environments, clustered storage or private clouds for their information management Virtualization portends opportunities for cost cutting and more efficient use of resources as well as flexibility for the organization 11 December 2013 TOWNSHIP OF KING TATTA 16

17 Technology issues Virtual Storage It is possible to store records with a third party service providers in the cloud and feel confident that records are secure Care must be taken to ensure that the records are appropriately safe guarded and access is controlled The largest concern is that the management of the records is out of the organization s direct control It is vital that all parties understand their respective responsibilities as they relate to retention, access, security, destruction and exception management 11 December 2013 TOWNSHIP OF KING TATTA 17

18 Legal considerations Contd Records preservation for litigation Ephemeral Data Organizations using cloud technology should understand which ephemeral data might potentially warrant preservation in the event of litigation and how the service provider would enable such retention 11 December 2013 TOWNSHIP OF KING TATTA 18

19 Legal considerations Contd The Transnational Problem Organizations exporting data to the cloud may find that the data becomes subject to privacy or confidentiality rules of foreign countries EX: European Union Data may be subject to blocking -France 11 December 2013 TOWNSHIP OF KING TATTA 19

20 Recommendation to mitigate legal risks-contd Establish clear rules for employee use of corporate information systems that include use of systems outsourced to the cloud, including access to the employee s personal accounts The organization should monitor employee use and take appropriate disciplinary action when the rules are violated Social networking sites provide examples of the cloud being used for both personal and business purposes; using these types of sites for business purposes may allow information to be compromised unless specific policies and protection are in place 11 December 2013 TOWNSHIP OF KING TATTA 20

21 Recommendation to mitigate legal risks-contd Establish ownership of data and include language in any cloud provider s service contracts that addresses the organization s ownership. Prohibit subcontracting by the cloud provider or at least limit the number and location of subcontractors. This prohibition should contribute to data security by reassuring the organization that the party it contracted with is the only service provider. This can minimize or eliminate data transfers, in particular, cross-border data transfers 11 December 2013 TOWNSHIP OF KING TATTA 21

22 Recommendation to mitigate legal risks-contd Limit the location (s) where data are stored Data security Restrict data transfers and cross-borders Establish a mechanism with the cloud provider for communicating and implementing legal holds Make it clear in the service contract what the cloud provider s obligation is for implementing, and possibly managing legal holds 11 December 2013 TOWNSHIP OF KING TATTA 22

23 Recommendation to mitigate legal risks-contd Establish how data will be stored and segregated from or commingled with other organization s data-storage Storage confidential or vital records should be handled with their unique requirements in mind Storing such data in a separate location from anyone else s data or even other types of data from within the organization 11 December 2013 TOWNSHIP OF KING TATTA 23

24 Recommendation to mitigate legal risks-contd Establish access rights to data hosted by cloud providers This eliminates or at least reduce additional costs the cloud provider might impose for unusual access When an organization must produce data in response to a request for information, subpoena, or discovery request 11 December 2013 TOWNSHIP OF KING TATTA 24

25 Recommendation to mitigate legal risks-contd Establish the allocation of liability for loss or wrongful disclosure of data, preferably as part of the contract However, courts will likely hold the organization owning the data responsible for the event the owning organization will want the ability to hold the cloud provider liable for what it did (or failed to do) The service provider will usually seek to contractually reduce or eliminate any liability 11 December 2013 TOWNSHIP OF KING TATTA 25

26 Recommendation to mitigate legal risks Establish appropriate security and confidentiality measures to be taken by the cloud provider Including a communication plan for notification to the organization in the event of a breach By an unauthorized party of the provider s technology, even if it is believed that the organization s data was not effected Establish appropriate procedures and protocols for data disposition, which may include multi level approvals and audit trails 11 December 2013 TOWNSHIP OF KING TATTA 26

27 Vendor-related considerations-contd Information management practices It is possible for the vendor to replicate information to redundant systems both within its facility and elsewhere Where information will be stored Where information could be stored Vendor s policies concerning data backup and archiving 11 December 2013 TOWNSHIP OF KING TATTA 27

28 Vendor-related considerations-contd Audit Policies An organization external auditor may want to audit the vendor s facility and its practices relating to the security and management of records and information Security for cloud application is the point of integration In the past-the integration is always behind the firewall Cloud computing-integration is outside the firewall of the purchasing organization 11 December 2013 TOWNSHIP OF KING TATTA 28

29 Vendor-related considerations-contd Access Interruptions Internet access Internet service providers downtime Damage to cables Weather interference with satellite access at either vendor s or organization Part of any disaster recovery or business continuity plan should include how the organization will operate in the event the cloud providers services are not accessible 11 December 2013 TOWNSHIP OF KING TATTA 29

30 Vendor-related considerations-contd Privacy Organization must obtain, read, and understand the vendor s privacy policy Where organizations and vendor s policies conflict, additional contract negotiation will be required Vendor should be asked to identify how many and what type of personnel will have such access Vendor should be asked about its hiring and employee screening practices 11 December 2013 TOWNSHIP OF KING TATTA 30

31 Vendor-related considerations-contd Sub-Contracting To offer uninterrupted access, scalability and elasticity Need to have infrastructure and hardware in diverse global locations or depend on third parties for services such as storage mirroring or back up Do they have same security and privacy policies that vendor has? How is the information protected as it is transmitted between the vendor and its sub-contractors 11 December 2013 TOWNSHIP OF KING TATTA 31

32 Vendor-related considerations-contd Multi-Tenancy Multi tenancy model is where multiple clients or organizations store their information in a single instance of an application on the same server and/or in the same data store or repository Security-is the biggest challenge Is the multi-tenancy covered in the organizations own privacy and security policies? If not, formal understanding and guidance on this issue will be addressed and should involve input from IT,RIM and Legal departments 11 December 2013 TOWNSHIP OF KING TATTA 32

33 Vendor-related considerations-contd Public Cloud Allows open access in that anyone can contract for the services Public has little if any control over how the services are implemented Public can access services wherever there is an internet connection It may not be appropriate when information is covered under specific regulatory environments- Private cloud is the best substitute 11 December 2013 TOWNSHIP OF KING TATTA 33

34 Vendor-related considerations-contd Private Cloud It allows the customer to control how the service is supplied It allows data to be easily moved between the internal data centre and private cloud Access security is frequently controlled on the private cloud through organizations internal system It is protected by firewall The right to use and access is provided through the authentication and authorization of users 11 December 2013 TOWNSHIP OF KING TATTA 34

35 Vendor-related considerations-contd Hybrid Cloud It would be appropriate when there is a solution requiring ongoing exchange and connection between public users and private application With a hybrid cloud, integration at all layers (data, process, management and security) is essential Example: would be an externally facing customer relationship management (CRM) program that links to proprietary organizational data source. 11 December 2013 TOWNSHIP OF KING TATTA 35

36 Vendor-related considerations-contd Issues to be considered chose among Public, and Private How sophisticated is the solution and does it require complex integration between public and private? What is the security requirements for the type of information being managed? What if the information stored and managed deemed to be low-risk? What if the virtualized environment is prohibited? 11 December 2013 TOWNSHIP OF KING TATTA 36

37 Vendor-related considerations-contd Data Location Identify the location of the provider s repositories Identify where the provider may store the data Identify any third party providers the vendors may use and note the physical location of their operations Compliance with all applicable laws should be assured During contract negotiations, ensure the vendor is obligated by contract to store information where required, and validate that privacy issues are addressed 11 December 2013 TOWNSHIP OF KING TATTA 37

38 Vendor-related considerations-contd Data Backup and Recovery External service providers should offer demonstrative proof of backup data It is important to review the vendor s policy and practices for backing up th data prior to contract finalization Is the information being backed up to another system for redundancy-location What type of controls does the vendor have in place regarding access to the information Periodic tests should be performed to ensure that the backup recovery systems and process are working as specified in the contract or service level agreement 11 December 2013 TOWNSHIP OF KING TATTA 38

39 Vendor-related considerations-contd Data Retention If information is stored on virtual machines and can be spread among multiple locations and countries Each country s regulation can impact the retention time for that data Retention issues becomes more complicated The contract language should address the concerns The contract language needs to have provisions for the destruction of records on all media (including backups) when the retention period ends and for retaining information past the retention period in the event of legal hold 11 December 2013 TOWNSHIP OF KING TATTA 39

40 Vendor-related considerations-contd Physical Security The cloud provider s data centre must be evaluated for its geographical location and physical security features, including management of secured, authorized access There should be sign-in and sign-out sheets especially for any visitors Background checks should be performed on employees Contract terms should reflect all of these physical security requirements Allow the customer to conduct periodic facility audit 11 December 2013 TOWNSHIP OF KING TATTA 40

41 Vendor-related considerations-contd Environmental Conditions To ensure that no environmental issues exist Proximity to existing or potential environmental or industrial hazards The internal environment should be reviewed Proper temperature and humidity controls are in place Include appropriate language regarding environmental condition within the contract 11 December 2013 TOWNSHIP OF KING TATTA 41

42 Vendor-related considerations-contd Network Access Contract terms should address the network requirements Review the compatibility of the vendors architecture with the organizations Network saturation and bandwidth capacities should be investigated 11 December 2013 TOWNSHIP OF KING TATTA 42

43 Uptime Vendor-related considerations-contd No matter where information is stored System uptime must be a consideration Uninterrupted access to information is key to business operations Uptime requirements should be clearly defined and negotiated with the vendor 11 December 2013 TOWNSHIP OF KING TATTA 43

44 Vendor-related considerations-contd Vendor Continuity Review and validation of the vendor s credit worthiness should be performed by the organization to assess the vendor s long term viability The organizations contract should document the application, data, and platform migration strategies that will be used in the event that a vendor goes out of business or is acquired 11 December 2013 TOWNSHIP OF KING TATTA 44

45 Vendor-related considerations-contd Vendor Continuity During the negotiating process, the organization should devise contractual terms to provide flexibility in accessing data and define how the organizations information will continue to accessible during any migration The geopolitical climate needs to be assessed, as information could be compromised due to destabilization of the location Conduct a thorough risk assessment and review of the hosting country s current social, political, and economic conditions What strategies the vendor have in place Example: a mirror or backup in another country, to accommodate these concerns 11 December 2013 TOWNSHIP OF KING TATTA 45

46 summary Decision Making Process Weighing the benefits and risks of outsourcing records storage to the cloud Operational and cost concerns are paramount Appropriate protection for records and information must be in place as well RIM, IT, and Legal department staff should work together Checklist provide direction from a variety of perspectives-technology, Legal and Vendor related 11 December 2013 TOWNSHIP OF KING TATTA 46

47 Thank you TATTA SRINIVASA RECORDS MANAGER 11 December 2013 TOWNSHIP OF KING TATTA 47

Guideline for Outsourcing Records Storage to the Cloud

Guideline for Outsourcing Records Storage to the Cloud A R M A I N T E R N A T I O N A L Guideline for Outsourcing Records Storage to the Cloud Guideline for Outsourcing Records Storage to the Cloud An ARMA International Guideline Consulting Editor: Cynthia

More information

How To Manage Cloud Data Safely

How To Manage Cloud Data Safely Information Governance In The Cloud Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions Topics Cloud Characteristics And Risks Information Management In

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Retention & Disposition in the Cloud Do you really have control?

Retention & Disposition in the Cloud Do you really have control? InterPARES Trust Retention & Disposition in the Cloud Do you really have control? Franks Patricia, San Jose State University, San Jose, USA and Alan Doyle, University of British Columbia, Canada October

More information

LEGAL ISSUES IN CLOUD COMPUTING

LEGAL ISSUES IN CLOUD COMPUTING LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing

More information

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential

More information

Cloud Computing and Records Management

Cloud Computing and Records Management GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version

More information

Private vs. Public Cloud Solutions

Private vs. Public Cloud Solutions Private vs. Public Cloud Solutions Selecting the right cloud technology to fit your organization Introduction As cloud storage evolves, different cloud solutions have emerged. Our first cloud whitepaper

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013 CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE October 2, 2013 By: Diane M. Gorrow Soule, Leslie, Kidder, Sayward & Loughman, P.L.L.C. 220 Main Street

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

How not to lose your head in the Cloud: AGIMO guidelines released

How not to lose your head in the Cloud: AGIMO guidelines released How not to lose your head in the Cloud: AGIMO guidelines released 07 December 2011 In brief The Australian Government Information Management Office has released a helpful guide on navigating cloud computing

More information

Insights into Cloud Computing

Insights into Cloud Computing This article was originally published in the November 2010 issue of the Intellectual Property & Technology Law Journal. ARTICLE Insights into Cloud Computing The basic point of cloud computing is to avoid

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Electronic Records Storage Options and Overview

Electronic Records Storage Options and Overview Electronic Records Storage Options and Overview www.archives.nysed.gov Objectives Understand the options for electronic records storage, including cloud-based storage Evaluate the options best suited for

More information

Why You Should Consider Cloud- Based Email Archiving. A whitepaper by The Radicati Group, Inc.

Why You Should Consider Cloud- Based Email Archiving. A whitepaper by The Radicati Group, Inc. . The Radicati Group, Inc. 1900 Embarcadero Road, Suite 206 Palo Alto, CA 94303 Phone 650-322-8059 Fax 650-322-8061 http://www.radicati.com THE RADICATI GROUP, INC. Why You Should Consider Cloud- Based

More information

Legal Issues Associated with Cloud Computing. Laurin H. Mills May 13, 2009

Legal Issues Associated with Cloud Computing. Laurin H. Mills May 13, 2009 Legal Issues Associated with Cloud Computing Laurin H. Mills May 13, 2009 What Is Cloud Computing? The cloud is a metaphor for the Internet Leverages the connectivity of the Internet to optimize the utility

More information

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

EXIN Cloud Computing Foundation

EXIN Cloud Computing Foundation Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

More information

Clarity in the Cloud. Defining cloud services and the strategic impact on businesses.

Clarity in the Cloud. Defining cloud services and the strategic impact on businesses. Clarity in the Cloud Defining cloud services and the strategic impact on businesses. Table of Contents Executive Summary... 3 Cloud Services... 4 Clarity within the Cloud... 4 Public Cloud Solution...

More information

LAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release)

LAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release) CHARLES LUCE S LAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release) A. Cloud Computing Defined: n. A loosely defined term for any system providing access

More information

Cloud Computing and HIPAA Privacy and Security

Cloud Computing and HIPAA Privacy and Security Cloud Computing and HIPAA Privacy and Security This is just one example of the many online resources Practical Law Company offers. Christine A. Williams, Perkins Coie LLP, with PLC Employee Benefits &

More information

Cloud Computing. What is Cloud Computing?

Cloud Computing. What is Cloud Computing? Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Wednesday, January 16, 2013

Wednesday, January 16, 2013 Attorney Advertising Prior results do not guarantee a similar outcome Models used are not clients but may be representative of clients 321 N. Clark Street, Suite 2800, Chicago, IL 60654 312.832.4500 Wednesday,

More information

Business white paper Top 10 reasons to choose Cloud-based Archiving

Business white paper Top 10 reasons to choose Cloud-based Archiving Business white paper Top 10 reasons to choose Cloud-based Archiving Table of contents 3 Reason 1: Equal or better security 4 Reason 2: Lower risk 4 Reason 3: Cost savings 5 Reason 4: Greater data access

More information

Risk Management of Outsourced Technology Services. November 28, 2000

Risk Management of Outsourced Technology Services. November 28, 2000 Risk Management of Outsourced Technology Services November 28, 2000 Purpose and Background This statement focuses on the risk management process of identifying, measuring, monitoring, and controlling the

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

The Keys to the Cloud: The Essentials of Cloud Contracting

The Keys to the Cloud: The Essentials of Cloud Contracting The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb

More information

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8. micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) Revision 8.0 August, 2013 1 Table of Contents Overview /Standards: I. Information Security Policy/Standards Preface...5 I.1 Purpose....5

More information

Considerations for Outsourcing Records Storage to the Cloud

Considerations for Outsourcing Records Storage to the Cloud Considerations for Outsourcing Records Storage to the Cloud 2 Table of Contents PART I: Identifying the Challenges 1.0 Are we even allowed to move the records? 2.0 Maintaining Legal Control 3.0 From Storage

More information

Secure Cloud Computing through IT Auditing

Secure Cloud Computing through IT Auditing Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA Email: nvgrwl06@gmail.com ABSTRACT In this paper we discuss the

More information

Module 1: Facilitated e-learning

Module 1: Facilitated e-learning Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1

More information

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model

More information

UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C

UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C This Attachment addresses the Contractor s responsibility for safeguarding Compliant Data and Business Sensitive Information

More information

CLOUD COMPUTING GUIDELINES FOR LAWYERS

CLOUD COMPUTING GUIDELINES FOR LAWYERS INTRODUCTION Legal practices are increasingly using cloud storage and software systems as an alternative to in-house data storage and IT programmes. The cloud has a number of advantages particularly flexibility

More information

What s the Path? Information Life-cycle part of Vendor Management

What s the Path? Information Life-cycle part of Vendor Management Disclaimer The materials provided in this presentation and any comments or information provided by the presenter are for educational purposes only and nothing conveyed or provided should be considered

More information

Information Technology: This Year s Hot Issue - Cloud Computing

Information Technology: This Year s Hot Issue - Cloud Computing Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.

More information

The Business Case for Cloud: Critical Legal, Business & Diligence Considerations

The Business Case for Cloud: Critical Legal, Business & Diligence Considerations The Business Case for Cloud: Critical Legal, Business & Diligence Considerations Presented by Janine Anthony Bowen, Esq., CIPP/US jbowen@jack-law.com (678) 823-6611 Janine Anthony Bowen, Esq., CIPP/US

More information

Legal Challenges for U.S. Healthcare Adopters of Cloud Computing

Legal Challenges for U.S. Healthcare Adopters of Cloud Computing Legal Challenges for U.S. Healthcare Adopters of Cloud Computing by Kevin Erdman and Nigel Stark of Baker & Daniels LLP 1 ABSTRACT U.S. Healthcare companies have begun experimenting with taking business-critical

More information

Things You Need to Know About Cloud Backup

Things You Need to Know About Cloud Backup Things You Need to Know About Cloud Backup Over the last decade, cloud backup, recovery and restore (BURR) options have emerged as a secure, cost-effective and reliable method of safeguarding the increasing

More information

Enterprise Architecture Review Checklist

Enterprise Architecture Review Checklist Enterprise Architecture Review Checklist Software as a Service (SaaS) Solutions Overview This document serves as Informatica s Enterprise Architecture (EA) Review checklist for Cloud vendors that wish

More information

How cloud computing can transform your business landscape

How cloud computing can transform your business landscape How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not

More information

Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About?

Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? IIA San Francisco Chapter October 11, 2011 Agenda Introductions Cloud computing overview Risks and audit strategies

More information

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES TECHNICAL COMMITTEE OF THE INTERNATIONAL ORGANIZATION OF SECURITIES COMMISSIONS FEBRUARY 2005 Preamble The IOSCO Technical Committee

More information

The Elephant in the Room: What s the Buzz Around Cloud Computing?

The Elephant in the Room: What s the Buzz Around Cloud Computing? The Elephant in the Room: What s the Buzz Around Cloud Computing? Warren W. Stippich, Jr. Partner and National Governance, Risk and Compliance Solution Leader Business Advisory Services Grant Thornton

More information

Network & Information Security Policy

Network & Information Security Policy Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk

More information

WHY YOU SHOULD CONSIDER CLOUD BASED EMAIL ARCHIVING.

WHY YOU SHOULD CONSIDER CLOUD BASED EMAIL ARCHIVING. WHY YOU SHOULD CONSIDER CLOUD BASED EMAIL ARCHIVING. INTRODUCTION A vast majority of information today is being exchanged via email. In 2011, the average corporate user will send and receive about 112

More information

BOWMAN SYSTEMS SECURING CLIENT DATA

BOWMAN SYSTEMS SECURING CLIENT DATA BOWMAN SYSTEMS SECURING CLIENT DATA 2012 Bowman Systems L.L.C. All Rights Reserved. This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered

More information

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL INTRODUCTION WHAT IS A RECORD? AS ISO 15489-2002 Records Management defines a record as information created,

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

Session 11 : (additional) Cloud Computing Advantages and Disadvantages

Session 11 : (additional) Cloud Computing Advantages and Disadvantages INFORMATION STRATEGY Session 11 : (additional) Cloud Computing Advantages and Disadvantages Tharaka Tennekoon B.Sc (Hons) Computing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Cloud

More information

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston Protecting Official Records as Evidence in the Cloud Environment Anne Thurston Introduction In a cloud computing environment, government records are held in virtual storage. A service provider looks after

More information

RECORD AND INFORMATION MANAGEMENT FRAMEWORK FOR ONTARIO SCHOOL BOARDS/AUTHORITIES

RECORD AND INFORMATION MANAGEMENT FRAMEWORK FOR ONTARIO SCHOOL BOARDS/AUTHORITIES PURPOSE Records and information are important strategic assets of an organization and, like other organizational assets (people, capital and technology), must be managed to maximize their value. Information

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS

7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS 7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS ExecutiveBrief P a g e 1 Executive Brief 7 Questions You Need to Ask Before Choosing a Colocation Facility for Your Business Choosing

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

How To Manage Records In A Cloud

How To Manage Records In A Cloud Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach Patricia C. Franks, PhD, IGP, CA, CRM International Symposium October 17, 2014 to mitigate risk Not all information

More information

Software as a Service Decision Guide and Best Practices

Software as a Service Decision Guide and Best Practices Software as a Service Decision Guide and Best Practices Purpose of this document Software as a Service (SaaS) is software owned, delivered and managed remotely by one or more providers [Gartner, SaaS Hype

More information

<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129

<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129 Addendum Amendment ID Proposal ID Enrollment number Microsoft to complete This addendum ( Windows Azure Addendum ) is entered into between the parties identified on the signature form for the

More information

CLOUD COMPUTING READINESS CHECKLIST

CLOUD COMPUTING READINESS CHECKLIST CLOUD COMPUTING READINESS VOLKER RATH VOLKER RATH 1 CONTENTS HOW SHOULD THIS GUIDE BE USED? 2 WILL MY COMPANY BENEFIT FROM 2 TRANSITIONING SERVICES TO THE CLOUD? CLOUD READINESS OVERVIEW 3 SECURITY CONCERNS

More information

Document Version. January 2013

Document Version. January 2013 Service and Technical Description Vendor Access Network Providers (VAN) January 2013 Contents Vendor Access Network Providers (VAN)... 1 Contents... 2 Document Version... 3 1. Introduction... 4 1.1. Purpose

More information

Is Cloud Computing Inevitable for Lawyers?

Is Cloud Computing Inevitable for Lawyers? Is Cloud Computing Inevitable for Lawyers? by Sharon D. Nelson and John W. Simek 2015 Sensei Enterprises, Inc. Not a single day goes by when you don t hear something about cloud computing. It could be

More information

Cloud Computing in a Government Context

Cloud Computing in a Government Context Cloud Computing in a Government Context Introduction There has been a lot of hype around cloud computing to the point where, according to Gartner, 1 it has become 'deafening'. However, it is important

More information

Cloud Service Contracts: An Issue of Trust

Cloud Service Contracts: An Issue of Trust Cloud Service Contracts: An Issue of Trust Marie Demoulin Assistant Professor Université de Montréal École de Bibliothéconomie et des Sciences de l Information (EBSI) itrust 2d International Symposium,

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable

More information

GETTING THE MOST FROM THE CLOUD. A White Paper presented by

GETTING THE MOST FROM THE CLOUD. A White Paper presented by GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are

More information

Requirements for Technology Outsourcing

Requirements for Technology Outsourcing Requirements for Technology Outsourcing Table of Contents Revision History... 3 Overview... 4 Service Provider Selection... 5 Service Delivery Models... 5 Legal Considerations... 5 Security Assessments...

More information

IT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management

IT Forum 2-11-2013 UW-Madison Records Management Program. UW Archives and Records Management IT Forum 2-11-2013 UW-Madison Records Management Program Records facilitate and sustaining day-to-day university operations. Records support organizational activities such as student admissions, research

More information

Anatomy of a Cloud Computing Data Breach

Anatomy of a Cloud Computing Data Breach Anatomy of a Cloud Computing Data Breach Sheryl Falk Mike Olive ACC Houston Chapter ITPEC Practice Group September 18, 2014 1 Agenda Ø Cloud 101 Welcome to Cloud Computing Ø Cloud Agreement Considerations

More information

2011 Morrison & Foerster LLP All Rights Reserved mofo.com. Risk, Governance and Negotiation in the Cloud: Capture Benefits and Reduce Risks

2011 Morrison & Foerster LLP All Rights Reserved mofo.com. Risk, Governance and Negotiation in the Cloud: Capture Benefits and Reduce Risks 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Risk, Governance and Negotiation in the Cloud: Capture Benefits and Reduce Risks 14 September 2011 Presenters Alistair Maughan Morrison & Foerster

More information

Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications

Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications Main Reference : Hall, James A. 2011. Information Technology Auditing and Assurance, 3 rd Edition, Florida, USA : Auerbach Publications Suggested Reference : Senft, Sandra; Gallegos, Frederick., 2009.

More information

Which is Better: Virtualization or Cloud IaaS?

Which is Better: Virtualization or Cloud IaaS? A White Paper Which is Better: Virtualization or Cloud IaaS? Which is Better: Virtualization or Cloud IaaS? Why should I consider Virtualization or Cloud IaaS at all? Simply put, they can save you money.

More information

Information Technology General Controls Review (ITGC) Audit Program Prepared by:

Information Technology General Controls Review (ITGC) Audit Program Prepared by: Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant 1 HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant Introduction U.S. healthcare laws intended to protect patient information (Protected Health Information or PHI) and the myriad

More information

Hedge Funds & the Cloud: The Pros, Cons and Considerations

Hedge Funds & the Cloud: The Pros, Cons and Considerations Hedge Funds & the Cloud: The Pros, Cons and Considerations By Mary Beth Hamilton, Director of Marketing, Eze Castle Integration The increased use of cloud-based services is undeniable. Analyst firm Forrester

More information

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications

More information

Webrecs IT infrastructure. The Webrecs IT backend explained and how we store, backup, protect and deliver your documents to you

Webrecs IT infrastructure. The Webrecs IT backend explained and how we store, backup, protect and deliver your documents to you Webrecs IT infrastructure The Webrecs IT backend explained and how we store, backup, protect and deliver your documents to you Sunday, April 21, 2013 Contents Introduction... 3 Data storage... 3 Data Centres...

More information

The Top 10 Things to Look for When Choosing One

The Top 10 Things to Look for When Choosing One Why you need an Infrastructure Provider- The Top 10 Things to Look for When Choosing One CONTENTS Introduction...1 State of the Market: Factors Driving Corporate Choices...2 VAR Business Models Undergo

More information

Security Whitepaper: ivvy Products

Security Whitepaper: ivvy Products Security Whitepaper: ivvy Products Security Whitepaper ivvy Products Table of Contents Introduction Overview Security Policies Internal Protocol and Employee Education Physical and Environmental Security

More information

NAREIM Session: Dangers and challenges of The Cloud. President, NiceNets Consulting, LLC

NAREIM Session: Dangers and challenges of The Cloud. President, NiceNets Consulting, LLC Main Types of Cloud Environments: - Public Cloud: A service built on an external platform run by a cloud service provider such as IBM, Amazon Web Services or Microsoft Azure. Subscribers can get access

More information

CONSIDERATIONS BEFORE MOVING TO THE CLOUD

CONSIDERATIONS BEFORE MOVING TO THE CLOUD CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part I By Debbie C. Sasso Principal When talking technology today, it s very rare that the word Cloud doesn t come up. The benefits

More information

Benefits and risks of cloud computing

Benefits and risks of cloud computing Stephen Turner Known-Quantity.com and Holy Family University ABSTRACT Cloud computing vendors maintain data away from the facilities of their customers. This is compelling because it enables companies

More information

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected

More information

Top 10 Risks in the Cloud

Top 10 Risks in the Cloud A COALFIRE PERSPECTIVE Top 10 Risks in the Cloud by Balaji Palanisamy, VCP, QSA, Coalfire March 2012 DALLAS DENVER LOS ANGELES NEW YORK SEATTLE Introduction Business leaders today face a complex risk question

More information

A Checklist for Software as a Service (SaaS) Vendors and Application Service Providers

A Checklist for Software as a Service (SaaS) Vendors and Application Service Providers A Checklist for Software as a Service (SaaS) Vendors and Application Service Providers This checklist is a longer version of a SaaS Checklist that appeared in the July 2009 issue of LAWPRO Magazine at

More information

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material

More information

Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns

Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns by Sharon D. Nelson, Esq. and John W. Simek 2013 Sensei Enterprises, Inc. It seems like everybody is talking about the

More information

security in the cloud White Paper Series

security in the cloud White Paper Series security in the cloud White Paper Series 2 THE MOVE TO THE CLOUD Cloud computing is being rapidly embraced across all industries. Terms like software as a service (SaaS), infrastructure as a service (IaaS),

More information

Every Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World

Every Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World Every Cloud Has A Silver Lining Protecting Privilege Data In A Hosted World May 7, 2014 Introduction Lindsay Stevens Director of Software Development Liquid Litigation Management, Inc. lstevens@llminc.com

More information