The Information Security Forum (ISF) has identified the “seven deadly sins” of cloud computing implementations in a new report, and has offered guidance on how to tackle them.
The ‘Securing cloud computing: addressing the seven deadly sins’ report aims to help organisations move quickly to developing business-oriented systems to securing cloud services.
The seven deadly sins outlined in the ISF report are:
-Ignorance – cloud services have little or no management knowledge or approval
-Ambiguity – contracts are agreed without authorisation, review or security requirements
-Doubt – there is little or no assurance regarding providers’ security arrangements
-Trespass – failure to consider the legality of placing data in the cloud
-Disorder – failure to implement proper management of the classification, storage and destruction of data
-Conceit – belief that enterprise infrastructure is ready for the cloud when it’s not
-Complacency – assuming 24/7 service availability
“While the cost and efficiency benefits of cloud computing services are clear, organisations cannot afford to delay getting to grips with information security implications,” said Steve Durbin, ISF global vice president.
“With users signing up to new cloud services daily – often ‘under the radar’ – it’s vital that organisations ensure their business is protected and not exposed to threats to information security, integrity, availability and confidentiality,” said Durbin.
He said cloud service providers should be treated like other external suppliers, such as an outsourcer or offshore provider, and should be covered by the same form of contract.
He is also the inventor of the patented meshDETECT, Secure Prison Cell Phone Solutions.
LinkedIn Profile
- The Customer Edge Drives the Need for NaaS - June 25, 2023
- Blockchain Evolves And Secures - January 13, 2019
- Bessemer Ventures’ 2018 Cloud Computing Trends - February 25, 2018
