This research note is one of series of documents describing KuppingerCole’s basic positions and providing insights into IT Service and Information Security Management. It describes the principal information security risks associated with Cloud computing and how these risks can be managed by effective IT service management using the KuppingerCole model.
The Cloud provides an alternative way of providing or procuring IT services and offers many benefits including increased flexibility as well as reduced cost. It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. In KuppingerCole’s opinion, Cloud computing isn’t a strategic question for IT or business. It is just an alternative way to obtain or provide the services that business requires. Hence it is not helpful to differentiate between “Cloud security” and “on-premise security”. The issue is to properly understand IT Security and any specific requirements related to the Cloud.