Cloud Risks

DoD’s cloud policy rains some risks, IG says

Grazed from FederalNewsRadio. Author: Scott Maucione.

A new Defense Department Inspector General’s report found problems with the Pentagon’s cloud policy that may have monetary and cybersecurity risks. DoD does not maintain a comprehensive list of cloud computing service contracts because the department’s chief information officer failed to establish a standard, department-wide definition for cloud computing. In addition, the DoD CIO did not develop an integrated repository that could provide detailed information used to identify cloud computing service contracts, the report stated.

As a result, DoD has no way of determining if it is actually saving money by migrating to the cloud and may not be able to effectively identify and monitor cloud computing security risks, the report stated. “DoD’s ability to track cloud computing cost savings, and benefits is greatly limited if DoD is not aware what cloud computing service contracts exist within DoD … [and] unless DoD Components accurately classify their information systems as using cloud computing services, DoD CIO will not be aware what security risks are specific to those services,” the report stated...

Read more from the source @ http://federalnewsradio.com/defense/2015/12/dods-cloud-policy-rains-risks/

Key to HIPAA compliance is understanding your data center and cloud risks

Grazed from TechRepublic.  Author: Brian Taylor.

Regarding HIPAA compliance, understanding "risks in your own data center," said David Pollard of Connectria Hosting, "is key to understanding your risks in the cloud." Pollard, Regional Director at Connectria, says that he still encounters executives who believe that hiring a "HIPAA cloud provider somehow mitigates their own needs for compliance." HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996.
 
Healthcare organizations to need dig deep into their cloud service agreements and also perform a HIPAA assessment to know "where your vulnerabilities lie, allowing you to find a provider that will help you cover your gaps," explained Pollard. Nor can HIPAA cloud providers in the current threat environment say they "have a HIPAA Compliant solution and only provide the minimum infrastructure."...

9 Cloud Computing Security Risks Every Company Faces

Grazed from SkyhighNetworks.  Author: Editorial Staff.

 The worldwide cloud computing market is expected to grow to $191 billion by 2020, according to analyst firm Forrester, up from $91 billion in 2015. There are numerous advantages of cloud computing driving a secular move to the cloud; among them lower cost, faster time to market, and increased employee productivity. However, the security of data in the cloud is a key concern holding back cloud adoption for IT departments.

Employees are not waiting for IT; they’re bringing cloud services to work as part of a larger “bring your own cloud” or BYOC movement. The Ponemon Institute surveyed 400 IT and IT security leaders to uncover how companies are managing user-led cloud adoption...

Hackers Not the Greatest Cloud Security Risk

Grazed from NorthEast Computer Services.  Author: Editorial Staff.

It is commonplace today to hear businesses voicing concerns about using cloud based services as though the cloud is much less secure than any system you might purchase or devise on site. In reality it is not the cloud or any other platform that determines how much of a security risk you are taking with your data.

The security of your data quite simply starts and ends with you. The commitment you make as the owner of a business to plan and do research to discover the best safety system fit for your company is easily the most important piece of the security risk puzzle. Once you have determined the most appropriate security configuration for your needs the next step is to put protocols in place from the top management on down to ensure the security systems as designed are working consistently and properly...

Taking a Clear View of Cloud Risks

Grazed from BaselineMag.  Author: Samuel Greengard.

Over the last few years, cloud computing has moved into the mainstream of the enterprise,  emerging as a valuable tool for managing IT systems, software and data. Yet, while the technology solves many security problems, it also introduces new challenges. A recently released "Cloud Security Spotlight Report" from Cloud Research Partners sheds light on emerging issues and how enterprise business and IT leaders are coping with them.

The survey of 1,000 cyber-security professionals identifies a number of key drivers and risk factors related to cloud adoption, including unauthorized access, hijacking of accounts and dealing with malicious insiders. Overall, nearly 90 percent of respondents expressed concern about security and data risk. "Cloud security is top of mind for cyber-security professionals," noted Holger Schulze, founder of the Information Security Community on LinkedIn, which partnered on the report...

Can Domestic-Only Cloud Services Address Cloud Computing Risks?

Grazed from CipherCloud.  Author: Michael Higashi.

The cloud technology landscape has grown more complicated and more fraught with FUD in recent months. This is being driven by the ever-changing landscape of data residency and data privacy laws, and the growing mountain of revelations of government agencies demanding cloud service providers (CSPs) to hand over private consumer and enterprise data. For markets outside the United States, fears are particularly strong that any data stored on US soil or by US-based CSPs is vulnerable to NSA surveillance.

Some CSPs headquartered outside the US are leveraging these fearsDomestic-Only Cloud Services Address Cloud Computing Risks to push a model of domestic-only data centers as a way of addressing the cloud computing risks surrounding data residency and privacy...