Cloud compromised? Here’s what you need to do

Grazed from CMO. Author: Editorial Staff.

The Cloud Security Alliance, a not-for-profit organisation set up to promote best security practices for cloud computing, has released a white paper on conducting forensic investigation in cloud environments and has formed an Incident Management and Forensics Working Group. It warns that “While digital investigations, on the surface, seem to have little to do with the competitive position or profit-and-loss of CSPs, forensic readiness cannot be ignored.”

The co-chair of the group, Dominik Birk from Zurich Insurance, said the aim of the group was to define best practices that consider the legal, technical and procedural elements of responding to security incidents in the cloud in a forensically sound way. "This initial white paper represents a significant effort on behalf of numerous individuals and marks an important first step in conducting proper forensic investigations in cloud environments following a security incident,” he said…

The group’s white paper ‘Mapping the Forensic Standard ISO/IEC 27037 to Cloud Computing’ is designed to help researchers, data governance experts and forensic practitioners define standardised processes for conducting forensic investigations, electronic discovery and other critical aspects of security in a multi-tenant, highly virtualised environment…

Read more from the source @ http://www.cmo.com.au/mediareleases/16893/cloud-compromised-heres-what-you-need-to-do/