How do you do that? The CIA isn't likely to tell you, or to leak its cloud plans in the next season of Homeland. But there are guidelines from groups such as the European Network and Information Security Agency on how IT shops should handle public cloud vendors and monitor their security measures.
Don't treat moving to the cloud as some kind of commodity purchase. You are always going to need to do your homework to make sure that your cloud-based services are properly kept up to date and use best security practices.
As Mark Gilmore, president and co-founder of Wired Integrations, a California-based technology consulting firm, recently observed, if your "people fail to meet security standards, such as using complex passwords, and leave machines running for days on end, the likelihood of intrusion is going to increase and eventually resources will be hacked." In short, security basics remain the same, whether you use cloud-based systems or have an in-house client/server setup.
The Company knows that, and so should your company.
Steven J. Vaughan-Nichols has been writing about technology and the business of technology since CP/M-80 was cutting-edge and 300bps was a fast Internet connection -- and we liked it! He can be reached at email@example.com.
Read more about cloud computing in Computerworld's Cloud Computing Topic Center.