TechTarget

Security Think Tank: CISOs should be first stop on the way to cloud

Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?

The most compelling reason for any business to look towards the cloud is cost, with security and privacy usually way down the list. Whether or not a business opts for a public or private cloud depends on what companies are willing to spend.  

Followed by cost are usually concerns around availability. Businesses typically opt for a private cloud scenario where they want tighter controls around service level agreements and uptime guarantees, as typically public cloud arrangements cannot offer the five or six nines that larger businesses mandate.

Once business executives have made up their mind how much they are willing to spend and what service levels are acceptable, they will either just go ahead and purchase a cloud solution or, if in a good mood, might run it by their chief information security officer (CISO).

It has to be said that most CISOs get somewhat annoyed about being left out of the loop and having to make snap decisions on whether or not businesses should really be venturing into the cloud, especially at the last minute. 

In terms of security and privacy for deciding whether public or private cloud is more appropriate, the best approach is for businesses to involve their CISOs at a very early stage so that the time and effort put into researching the best possible cost and availability options is not wasted and that businesses make a sound, balanced decision that embraces cost, availability and security.  

With regards privacy, engaging a cloud provider means giving a third party your data. If your data is really that sensitive and you are selling nuclear missile components, then please do not put your blueprints in the cloud.


Tim Holman is president of ISSA-UK and CEO at 2-sec.

This was first published in February 2014

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close