Auditing the Cloud; What is the necessary comfort level?

Presented by

Marlin Pohlman, CGO, EMC; Kevin Hardcastle, ISO, Washington Uni; Taiye Lambo, Founder, HISPI; and Raj Samani, CTO, McAfee

About this talk

* Attendees of this webcast will receive CPE credit. Cloud Computing has been hailed as the long sought after answer of low cost computing , where users can remotely store their data into the cloud and enjoy the on-demand high quality applications and services from a shared platform of resources. By outsourcing their data storage, users can be relieved from the burden of local data storage and maintenance, in some cases eliminating IT departments all together. However, no longer having physical possession of their data makes the data integrity protection in the Cloud environment sets the stage for a potentially lethal environment, especially for users with constrained computing resources and capabilities. Thus, allowing or even mandating 3rd party security and compliance audits for Cloud Service Providers (CSP) is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. The number one concern for many organizations is how to ensure adequate information security i.e. confidentiality, integrity and availability of critical data stored by the cloud service provider whilst also balancing the need for confidentiality versus integrity versus availability. This serious concern has created the need for standardization and consistency in audit and assurance practices in the cloud computing space, particularly third party audit and assurance. Over burdening the Cloud Service Providers with a multitude of continuous audits will increase the cost of the service and the internal costs associated with monitoring and managing the audit processes and reports. Join our panel of experts as they discuss the issues surrounding the main concerns of Cloud Computing, the different audit approaches and tools that are being offered, the evaluation of those tools and what is a common sense, efficient and cost effective process to follow when evaluating a Cloud Service Provider.

Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (138)
Subscribers (40791)
The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.