Cloud Computing: The Compliance Oriented Architecture – are we there yet?

Grazed from ComputerWeekly. Author: Clive Longbottom.

Over a decade ago, Quocirca looked at the current means of securing data, and decided that there was something fundamentally wrong. The concept of solely relying on network edge protection, along with internal network and application defences misses the point. It has always been the data that matters – in fact, not really even the data, but the information and intellectual property that data represents.

To our minds, enterprise content management (ECM) has not lived up to expectations around information security: it only dealt with a very small subset of information; it was far too expensive; and has not evolved to support modern collaboration mechanisms. It is also easy to circumvent its use, and far too easy for information assets to escape from within its sphere of control…

As an increased need for decentralised collaboration evolved and cloud computing offered new ways of sharing information, the problem became more complex. There was an increase in the difficulty of defining the network edge as the value chain of contractors, consultants, suppliers, customers and prospects grew, and in ensuring that the new silos of data and information being held in places such as Dropbox, Box and other cloud-based data stores were secure. However, in contrast to the problems with ECM, the use of cloud-based information sharing systems was in trying to stop individuals from using them: usage has grown, and in many cases, the organisation is oblivious to these new data stores…

Read more from the source @ http://www.computerweekly.com/blogs/quocirca-insights/2016/01/the-compliance-oriented-archit.html