Thinking Cloud Services - Look Before You Leap!

As enterprises turn to Cloud services to try and leverage economies and reduce operating risks, they could be walking "eyes wide shut" into a dangerous security environment.  It is very unlikely that a Cloud provider has the same level of controls that most customer organizations have today, and even more unlikely that they have controls in place that you would expect in an operation that commingles customer accounts and data.  Some hide, weakly, behind a claim to have a SAS 70 Type 1 audit.  Oh, puhlease!  What about an ISMS Certification (ISO 27000)?  What other key security capabilities should you expect from a Cloud service? This presentation identifies those key capabilities, and provides a Cloud Service Evaluation Checklist that you can use to do a quick reality check on your anticipated or current Cloud provider.

Tracks: Cloud in the Enterprise, Data Center and IT Management, Responsibly Architected Application Solutions, Security and Compliance, Software Architecture and The Dark Side of Virtualization