Would it be helpful for US companies to adopt the EU guidelines for improving security in cloud contracts?
hughye 2 years ago
ENISA (the European Network and Information Security Agency) released a set of guidelines that essentially provides a model set of questions for companies entering into contracts with cloud service providers. It's a 64 page document that you can review if you are so inclined: http://www.enisa.europa.eu/activities/application-security/test/procure-...
Without going into too much depth, the guidelines offer suggestions for contractual agreements on specific actions and duties of the cloud provider, and, when appropriate sets out metrics for measuring compliance. In my view it helps the two parties understand exactly what is expected and what will be provided. Of course, every company can do this on an individual basis, but good luck getting Amazon Cloud Services to sit down and agree to thousands of individual agreements that all differ. This provides a sort of standardization as to what the mutual expectations are, especially as related to data security. As far as I know there isn't anything comparable in the US. Why not adopt these guidelines outright in the US, or some form of them to ensure providers are upfront with customers about security practices and expectations?
Topic: Cloud ComputingAnswer this Question
Ask a question
Technology companies make up almost half of the businesses ranked highest by their employees for culture and values in a new survey
Microsoft has extended the data loss prevention features in Office 365 so that they are available not only for its email tools but also for data in SharePoint Online and OneDrive for Business.
Salesforce.com's development teams are continuing their steady pace of improvements to the Salesforce1 mobile application, which first debuted at last year's Dreamforce conference.
Responding to the growth of enterprise software development teams, Microsoft will allow occasional contributors to access the Visual Studio Online project development environment at no cost.
Dropbox is consolidating its three Pro account options into a single plan that's priced at US$9.99 per month and includes 1TB of storage and added controls for document sharing and security.
Use your coding powers to raise money for a worthy cause, no ice water involved
To beef up its cloud platform with more specialized packages, Google is acquiring Zync for its large scale rendering service for movie special effects, called Zync Render.
McAfee, part of Intel Security, has made improvements to its Server Security Suites portfolio with the introduction of performance optimisation and additional management efficiency to increase security for servers in physical, virtualised and Cloud environments.
A new analysis of Reddit comments shows which language’s developers seem to be the happiest - and which are the most foul-mouthed
Google's Slides presentation app can now be used without an Internet connection on iOS devices, joining the two other core office productivity tools in the company's suite, the Docs word processor and Sheets spreadsheet software.