Are the clouds in the Converged Cloud darkening?
Ramesh Munamarty
Board Member, Group/Global CIO, Transformation Leader, CIO/Board Advisor, M&A Expert, VC/PE/Startup Advisor
I had the privilege of giving a keynote address at Cloud Security Alliance in APAC. Cloud Security Alliance APAC - Keynote. I have summarized it below.
The benefits of Cloud Computing are obvious with reduction in Capital expenses, better alignment of operating expenses to the usage, increase in operational efficiency and higher resiliency. However with the benefits emerge the risks of concentration of security threats, transfer of control of data security, loss of internet connectivity or seizure by law enforcement agency can halt the business if backup plan does not exist and finally the risk of record retention requirements if something happened to the provider.
The ten steps to mitigate risk (details articulated in the article):
- Ensure effective GRC processes exist
- Audit Operational and Business Processes
- Manage People, Roles and Identities
- Ensure Proper Data Protection
- Ensure Data Privacy
- Access Security Provisions
- Ensure Cloud networks and connections are secure
- Evaluate security controls on physical infrastructure and facilities
- Manage Security terms in the Cloud Service Agreement
- Understand security requirements of the exit process