Growing confidence in cloud security

Grazed from CSO. Author: Ellen Messmer.

Cloud computing is blowing into 2013 on the winds of confidence, with IT professionals increasingly convinced that the security controls are adequate, but still very, very leery. Take Len Peters, CIO at Yale University, who has undertaken a cost-benefit analysis of cloud-based services in comparison to on-premises software purchases, finding that not only are unit costs less for the kind of software-as-a-service (SaaS) he’s most interested in, but that SaaS can also further the compliance and security goals the IT department has long espoused.

Last spring, Yale elected to migrate from an on-premises IT management application to the cloud-based ServiceNow. The economic analysis indicated a positive cost advantage within 13 months. But security and compliance considerations were and always are going to be critical factors in cloud-computing decisions, Peters says. Like many IT pros, he found himself asking the questions, "Is the cloud safe? What are the potential risks?"…

The answer, he says, is yes, there are risks, but not necessarily any more than in your own environment if the proper security and contractual arrangements can be put in place with the cloud provider. What’s more, use of cloud services can help speed the adoption of best practices that would further safeguard the university. Yale is using ServiceNow to further its support of IT service management practices that are codified in the Information Technology Infrastructure Library. ITIL spells out IT baselines that organizations can use in planning and implementation of IT services, and also to measure themselves against…

Read more from the source @ http://www.csoonline.com/article/725185/growing-confidence-in-cloud-security