Independent security expert group Jericho Forum has
published a paper that outlines the areas businesses need to
consider when evaluating a cloud computing
environment.
As reported
recently in Computer Weekly, the cloud has massive implications
for how users evaluate risk, secure data and decide on what
business continuity set up to establish. The path to success is to
build security in from the beginning.
According to the Jericho Forum, cloud computing opens a
potential Pandora's Box of security nightmares, not least of which
is loss of data confidentiality and integrity.
Adrian Seccombe, CISO and senior enterprise information
architect at Eli Lilly and Jericho Forum board member, said, "A
carefully analysed and chosen approach to implementing cloud
computing can bring those security issues back under control. It is
essential to get the foundations right and for each business to
develop a cloud model that enables consumerisation, drives down
cost and reduces risk."
The group's
cloud cube computing model is designed to help businesses
evaluate the risk and opportunity associated with moving in to the
cloud.
John Meakin, Jericho Forum board member and director of digital
security and CISO for BP, said, "This practical blueprint is geared
to showing each organisation how to architect for safe business
collaboration in a way that fits its individual needs. Developing a
set of best practice principles addressing secure collaboration in
the cloud is the obvious - and indeed important - next goal for
us."