Cloud Security and Governance Considerations
Session Details
Session Abstract
Public cloud services have many benefits for organizations of all sizes. However, because cloud services are outside the direct control of an organization, there is a need to establish strong governance mechanisms. Dealing with cloud services requires careful attention to the roles and responsibilities between the organization and cloud provider.
There are important differences between cloud services and traditional outsourcing relationships. Unfortunately, most organizations do not understand the security and governance considerations for cloud services. Further, since cloud relationships are often initiated outside IT departments, IT managers have been slow to "get out in front" of the issue and build a corporate framework for evaluating and periodically reassessing cloud providers.
This presentation will enable decision makers to answer two primary questions:
• What are the steps for evaluating and selecting a cloud provider?
• How is the cloud provider relationship reviewed and periodically reassessed?
It will enable organizations to make informed, proactive decisions on cloud providers and better allow them to take full advantage of cloud services while minimizing the risks inherent in using these external services.