Our site will be undergoing maintenance from 6 a.m. - 6 p.m. ET on Saturday, May 20. During this time, Bookshop, checkout, and other features will be unavailable. We apologize for the inconvenience.
Cookies must be enabled to use this website.
Book Image Not Available Book Image Not Available
Book details
  • SubGenre:Internet / Online Safety & Privacy
  • Language:English
  • Pages:80
  • eBook ISBN:9781618429971

Cloud Computing

Security Compliance and Governance

by Russell Ballantine

Book Image Not Available Book Image Not Available
A concise and useful analysis of the legal issues facing both cloud providers and their customers.
The technical awareness of the legal system with regards to cloud technologies is increasing. The courts are beginning to take a useful, pragmatic and well balanced approach to evaluating the fairness and effectiveness of service provider T&C’s in meeting customer information security requirements and obligations. The concept of what is reasonable is central to this balance. It is also nothing new. This after all is what corporate diligence is all about. However, achieving this reasonableness requires real understanding of well known terms such as: vulnerability, threat, risk and exposure within a new technical landscape. A common question asked by senior management when faced with a technical issue of security is “well what really is the risk?” Unfortunately the expertise of most security professionals often doesn’t extend to the legal environment where these risks eventually manifest themselves. The difficulty in answering the question arises because a big part of the answer lies with a company’s ability to contract effectively with its customers. For a service provider, poor governance of cloud security issues equates to poor corporate diligence and a tangible risk to business reputation.
About the author
Russell Ballantine has worked in the Internet and information security field for over 15 years. Previously having worked for British Telecom, Thus Plc and Motorola he now works for Cable and Wireless WorldWide as a senior Technical Specialist. He is a certified CISSP and has an LLM in IT and Telecoms Law from the University of Strathclyde, Glasgow.