Would it be helpful for US companies to adopt the EU guidelines for improving security in cloud contracts?
hughye 2 years ago
ENISA (the European Network and Information Security Agency) released a set of guidelines that essentially provides a model set of questions for companies entering into contracts with cloud service providers. It's a 64 page document that you can review if you are so inclined: http://www.enisa.europa.eu/activities/application-security/test/procure-...
Without going into too much depth, the guidelines offer suggestions for contractual agreements on specific actions and duties of the cloud provider, and, when appropriate sets out metrics for measuring compliance. In my view it helps the two parties understand exactly what is expected and what will be provided. Of course, every company can do this on an individual basis, but good luck getting Amazon Cloud Services to sit down and agree to thousands of individual agreements that all differ. This provides a sort of standardization as to what the mutual expectations are, especially as related to data security. As far as I know there isn't anything comparable in the US. Why not adopt these guidelines outright in the US, or some form of them to ensure providers are upfront with customers about security practices and expectations?
Topic: Cloud ComputingAnswer this Question
Ask a question
In response to a query from Vint Cerf, professional developers explain why they don’t feel a membership in the Association for Computing Machinery is worth the cost
Microsoft and IBM are gaining momentum in the cloud infrastructure services market, putting pressure on Amazon and outpacing rival Google, according to a new study.
A network testbed being constructed just south of San Francisco will help carriers and vendors develop standards for better cloud services, the CloudEthernet Forum says.
Managed cloud service offers alternative to DIY or WAN optimization appliances.
IT leaders need to learn how to manage the evolving legal, privacy and compliance issues of SMAC contracts.
California is moving its IT services to a cloud, on-demand, subscription-based service that state officials believe may meet as much as 80% of its computing needs.
Microsoft has begun boosting the free allowance of its OneDrive cloud-based storage service to one terabyte for subscribers to consumer and college student Office 365 plans.
IBM is offering a potentially powerful incentive in its attempts to entice organizations to move supercomputing jobs to the cloud: a high-speed network communications link called InfiniBand.
Businesses don't have to use Sprint's network or even Android devices.
Dropbox will continue beefing up the business version of its cloud storage and file sharing service, adding security features to shared links, full-text search capabilities and new tools for enterprise developers.