Questions concerning personal information in Cloud Computing
Posted by Peter Streips on Tue, Jan 26, 2010 @ 07:49 PM
Cloud Computing is increasingly gaining popularity today as companies rush to implement the cloud to expand their technology infrastructure. Gartner defines cloud computing as "a style of computing in which massively scalable IT-related capabilities are provided 'as a service' using Internet technologies to multiple external customers."
Cloud computing typically utilizes significant computing power, a large number of virtual machines distributed throughout the company, large storage farms, and high bandwidth connectivity.
However, as a security professional, I have noted that Cloud Computing does not come with guarantees. Security is the primary concern, and one which is currently mandated by State and Federal regulations.
So, from a security standpoint, the questions you need to address before storing any personal information on the cloud are as follows:
- What kind of Network and System security standards do we have to meet?
- What are the Personal Information privacy laws? Does our system meet the requirements of the privacy laws defined by many States?
- What are the laws regulating Personal Information if data is sent offshore?
- For Credit Card processing management, do we meet the Credit Card standards (PCI-DSS)?
- How can we guarantee that the data is used only as defined by the law?
- How can we ensure that our virtual machines are kept secure?
- What are our Breach Prevention Management policies?
- What is our backup policy? Are our offsite and offshore protections adequate?
- What are our contractual obligations with regard to offsite and offshore backup?
- What are the data encryption expectations?
Join Network Security Group as we address all the above questions and more at our webinar around the CMR 201 regulation this Thursday, 1/28 at 2pm EST.
Register here: https://www1.gotomeeting.com/register/683177321