Blog Posts Tagged with "Service Level Agreement"

0a8cae998f9c51e3b3c0ccbaddf521aa

CISO Challenges: The Build vs. Buy Problem (2:2)

January 24, 2013 Added by:Rafal Los

In order to not incur additional risk to the business, the organization being outsourced to must be heavily vetted and contractually obligated to maintain secrecy and integrity. It can be done, but it's tricky, and requires work in due-diligence to ensure the result isn't a train wreck during a worst-case scenario...

Comments  (0)

3071bd3c5c013c8c3defcccad0259c16

If you are not serious enough about your security don’t expect your IT service provider to care

December 10, 2012 Added by:Hani Banayoti

Another year coming to a close and I am full of hope for new thinking on security for the road ahead. One particular aspect in our profession that I would like to see change in the very near future is the typical approach to incorporating security in contracts with IT Service Providers...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

Ten Things I’ve Learned About Cloud Security

July 17, 2012 Added by:Bill Mathews

Cloud security is tough for a lot of reasons, not least of which is because you probably only understand the basics of what you interface with - the controls the provider allows you to see. This lack of depth of management introduces many security related challenges. Having said that, let’s explore...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

The Cloud: It’s Not About Cost

June 24, 2012 Added by:Ben Kepes

I was interested to read recently a survey that was commissioned by the Cloud Alliance. What was key for the respondents? Data security and end-user privacy were paramount. One-quarter of survey respondents in organizations with more than 200 workers listed security and privacy as their primary concerns...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Where Will the Buck Stop in Cloud Security?

May 15, 2012 Added by:Jayson Wylie

I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Is Cloud Security in the Clouds?

May 09, 2012 Added by:Jayson Wylie

Cloud security threats can come from the lack of designed and implemented security by the provider. This may be intentional or not but the lack of oversight or negligence in this area can potentially cause disputes over the difference of control versus accountability...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

Understanding Cloud Security Part Two

March 14, 2012 Added by:Neira Jones

Organisations need to ask cloud providers to disclose security controls and how they are implemented, and consuming organisations need to know which controls are needed to maintain the security of their information. Lack of thoroughness can lead to detrimental outcomes...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud - What's the Deal with Cloud Security?

March 14, 2012 Added by:Rafal Los

Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Cyber Insurance: Efficient Way to Manage Risk in the Cloud?

February 27, 2012 Added by:David Navetta

While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

Compliance in the Digital Era: Watch Out for the Third Party

February 24, 2012 Added by:Neira Jones

It is crucial that businesses understand which controls are needed to maintain the security of their information assets and it is therefore crucial that suppliers are assessed against the business regulatory and compliance framework...

Comments  (0)

4e30710fdd82d696f9a69b8a561c0c3e

Best Practices to Prevent Document Leaks

February 16, 2012 Added by:Peter Weger

Unfortunate consequences occur when companies lose control over confidential assets and experience intentional or unintentional disclosure of the information. In some cases, even the possibility of information leakage can damage reputations and stock prices...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Tips for Organizations Heading to the Cloud

February 09, 2012 Added by:Ben Kepes

Identify the data that is touched by each IT process. Is there any data that has to stay in-house for security or compliance reasons? You may need to change IT processes so the sensitive data is not affected by the transition...

Comments  (0)

Bddcc5065237c686cb4d89dba8b276f2

Designing Security with Brand in Mind

February 06, 2012 Added by:Steven Fox, CISSP, QSA

Why is it important to deliver security services consistent with your brand? The fundamental archetype created by your brand must be supported by behaviors which confirm its relevance. Performance that is inconsistent will lead your customers to question your brand promise...

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

Three Things Experts Won't Tell You About Cloud Security

December 14, 2011 Added by:Mike Meikle

Carefully crafted and monitored SLAs to keep vendors in check, mandating FIPS 140-2 certification of potential vendors and benefiting from vendor technology investments (economies of scale) can add significant weight to cloud solution providers being more secure than in-house solutions...

Comments  (1)

D15e0b682a84587af9af463961d00f22

e-Commerce Risks for Cyber Monday and the Holidays

November 28, 2011 Added by:John Nicholson

To deal with the potential volume, they can turn to cloud-based services to add capacity and prevent the site from crashing, but as we'll discuss below, the availability commitments made by many cloud services create their own risks...

Comments  (0)

Ad5130e786d13531cc0f2cde32dacd0f

Decrypting QSA Qualifications in a Diluted Market Place

November 21, 2011 Added by:Andrew Weidenhamer

One of the biggest challenges is how to determine which 3rd party QSA company to use. With 120+ QSA companies certified to perform On-Site Assessments in the USA, there is not an easy answer, unless of course price is the only consideration. Unfortunately, sometimes this is the case...

Comments  (0)

Page « < 1 - 2 > »