Blog‎ > ‎

Cloud Data Management Policies: Security and Privacy Checklist

posted May 9, 2014, 10:38 AM by Karuna Joshi   [ updated May 9, 2014, 11:18 AM ]

Are you struggling with migrating to a cloud platform ?

Are you concerned about the security and privacy of your data on the Cloud ?

Have you defined all the policies necessary to ensure data security ?
Cloud security
We recently published a cloud security checklist that can be used as a reference by CIOs and Chief Information Security Officers (CISO) to ensure they have their enterprise security policies are clearly defined.

Abstract of our paper

Organizations have complex enterprise data policies, as well as legal and statutory constraints, that require compliance. Such policies are today enforced on internal resources that are completely controlled by the organization. On moving to a cloud based solution, the organization has to often hand over this control to the service provider. Hence, acquiring cloud services requires significant human intervention and negotiation -- people have to check whether a provider’s service attributes ensure compliance with their organization’s constraints. It is critical to ensure security and privacy of data on the cloud. In fact security concerns are one of the key adoption barriers of cloud services, especially for public or hybrid cloud deployments. Multi-tenancy related security/isolation issues and cross domain cloud access/authorization are some of the important privacy issues that organizations are concerned about. In this paper we define the critical security and privacy policies that an organization adopting cloud computing must formulate to ensure their enterprise data policies and constraints are addressed by the cloud provider. These policies are part of an essential check list that should be referred to by every organization migrating to the cloud.