English   Deutsch      

Advisory Note: Cloud Provider Assurance - 70586

Can an organization trust an IT service provided through the Cloud? A survey by KuppingerCole showed that “Cloud security issues (84.4%) and Cloud privacy and compliance issues (84.9%) are the major inhibitors preventing organizations from moving to a private Cloud.” The answer to this question can be found in the old Russian maxim, which was often quoted by President Ronald Regan: “trust but verify”.

Cloud services are outside the direct control of the customer organization, and their use places control of the IT service and infrastructure in the hands of the CSP (Cloud Service Provider). This fits with the KuppingerCole IT Paradigm for IT Governance. A governance based approach allows trust in the CSP to be assured through a combination of internal processes, standards and independent assessments.

The governance process starts with a clear understanding of the business requirements for the service. The risks and the technical, compliance and legal requirements follow directly from these business needs. These business needs, technical requirements and risks form the basis for what needs to be assured.


You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
02.10.12 Advisory Note: Cloud Provider Assurance - 70586


€495.00 GET ACCESS 
top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Spotlight
Cloud Provider Assurance
Using the cloud involves an element of trust between the consumer and the provider of a cloud service; however, it is vital to verify that this trust is well founded. Assurance is the process that provides this verification. The first step towards assuring a cloud service is to understand the business requirements for it. The needs for cost, compliance and security follow directly from these requirements. There is no absolute assurance level for a cloud service – it needs to be just as secure, compliant and cost effective as dictated by the business needs –– no more and no less.
KC Trusted Independent Advice in CLoud ASSurance
KC CLASS includes a detailed analysis of the Cloud Assurance management tasks in your company and the current status of the Cloud Services integration in your IAM, and a recommendation on how you can standardize the approach for the evaluation of Cloud Service Providers.
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2014 KuppingerCole