201139 Cloud Computing Security Considerations

Document Sample
201139 Cloud Computing Security Considerations Powered By Docstoc
					This template was purchased by AuditNet from a third party under a work for
hire agreement. However, while we have attempted to provide accurate
information no representation is made or warranty given as to the
completeness or accuracy of the template. In particular, you should be aware
that the template may be incomplete, may contain errors, or may have become
out of date. While every reasonable precaution has been taken in the
preparation of this template, neither the author nor AuditNet assumes
responsibility for errors or omissions, or for damages resulting from the use of
the information contained herein. The information contained in this document is
believed to be accurate. However, no guarantee is provided. Use this
information at your own risk.
38-SLIDE POWER POINT - ADVANCED SECURITY



CC Security Issues
CLOUD COMPUTING SECURITY ISSUES

15-PAGE GUIDEBOOK - CLOUD SECURITY ISSUES




Cloud Computing
    Security




Cloud Computing Security Considerations


  INTRODUCTION 1
  OVERVIEW OF CLOUD COMPUTING 2
  OVERVIEW OF BUSINESS DRIVERS TO ADOPT CLOUD COMPUTING 4
  RISK MANAGEMENT 5
  OVERVIEW OF CLOUD COMPUTING SECURITY CONSIDERATIONS 6
  DETAILED CLOUD COMPUTING SECURITY CONSIDERATIONS 8
  Maintaining Availability and Business Functionality 8
  Protecting Data from Unauthorized Access by a Third Party 10
  Protecting Data from Unauthorized Access by the Vendor's Customers 13
  Protecting Data from Unauthorized Access by Rogue Vendor Employees 14
  Handling Security Incidents 14




INTRODUCTION


1. Cloud computing offers potential benefits including cost savings and improved
business outcomes for companies. However, there are a variety of information security
risks that need to be carefully considered. Risks will vary depending on the sensitivity of
the data to be stored or processed, and how the chosen cloud vendor (also referred to
as a cloud service provider) has implemented their specific cloud services.
INTRODUCTION


1. Cloud computing offers potential benefits including cost savings and improved
business outcomes for companies. However, there are a variety of information security
risks that need to be carefully considered. Risks will vary depending on the sensitivity of
the data to be stored or processed, and how the chosen cloud vendor (also referred to
as a cloud service provider) has implemented their specific cloud services.

2. This discussion paper assists auditors and managers to perform a risk assessment to
determine the viability of using cloud computing services. This document provides an
overview of cloud computing and associated benefits. Developing a risk assessment
helps senior business representatives make an informed decision as to whether cloud
computing is currently suitable to meet their business goals with an acceptable level of
risk. The questions in this document address the following topics:

a. availability of data and business functionality;

b. protecting data from unauthorized access; and,

c. handling security incidents.
iderations




LOUD COMPUTING 4


CONSIDERATIONS 6
SIDERATIONS 8


Party 10
dor's Customers 13
endor Employees 14




ng cost savings and improved
e are a variety of information security
ill vary depending on the sensitivity of
 osen cloud vendor (also referred to
 specific cloud services.
ng cost savings and improved
e are a variety of information security
ill vary depending on the sensitivity of
 osen cloud vendor (also referred to
 specific cloud services.

agers to perform a risk assessment to
rvices. This document provides an
 its. Developing a risk assessment
ormed decision as to whether cloud
 ss goals with an acceptable level of
ollowing topics:

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:5
posted:9/16/2012
language:English
pages:7