Blog posts by Mike Small

Blog

Cloud: hope for the best but plan for the worst

The past couple of weeks must have been an anxious time for the customers of the outsourcing service run by 2e2 which went into administration on January 29 th .  This impacted on a range of organizations including hospitals . The good news today is that the Daisy Group plc . has been appointed to manage the 2e2 Data Centre business.  Organizations are now almost totally dependent on their IT services to operate. It is tempting to think that outsourcing the service absolves you of any responsibility.  This is not the case; an organization using a cloud service is still responsible for...

Blog

Top Ten Tips for Negotiating and Assuring Cloud Services

KuppingerCole research confirms that “security, privacy and compliance issues are the major inhibitors preventing organizations from moving to a private cloud.”  Our report on Cloud Provider Assurance provides information in depth on how to manage these issues.  Here is a summary of our top ten tips on negotiating and assuring cloud services. Consistent IT governance is critical: The cloud is just an alternative way of obtaining IT services and, for most organizations; it will be only one component of the overall complex IT service infrastructure.  IT Governance provides a way to...

Blog

Data Breaches during 2012 demonstrate the need for better information stewardship

Was 2012 a big year for IT security breaches? Whilst I don’t have quantitative information on exactly how many data breaches there were during 2012.  However, during this period, there were many prosecutions, enforcement notices and monetary penalties issued by the ICO (UK Information Commissioner's Office).  These included a record monetary penalty of £325,000 for a hospital in the UK where discs containing patient data were sold on the internet , a penalty of £150,000 for Greater Manchester Police where an officer lost an memory stick with unencrypted information relating to...

Blog

Negotiating and Assuring Cloud Services

Adopting cloud computing means moving from “hands on” management of IT services within the organization to “hands off” IT management using governance, service level agreements and contracts. This approach sits uneasily with many IT people whose education, training and experience are in the delivery of services rather than negotiation and governance. Nevertheless the IT department is an important player in ensuring that an organization gets what it needs from the cloud.  IT Service and Security Management are key components of the KuppingerCole IT paradigm which identifies the important...

Blog

RSA Conference 2012 Podcast: Cloud Provider Assurance

Cloud computing provides organisations with an alternative way of obtaining IT services. However many organisations are reluctant to adopt the Cloud because of concerns over information security and loss of control. This presentation covers assurance approaches to managing the Cloud including CSA Controls Matrix, SSAE16/ISAE3401, BITS Shared Assessments and ISO 27001. RSACE2012 Podcast: GRC-301: Cloud Provider Assurance Listen to the podcast now: [audio:http://rsa.edgeboss.net/download/rsa/rsaconference/2012/eu/podcasts/RSAC_08-30-12-GRC-301.mp3] Or download the audio file...

Blog

A CHANGE FOR THE BETTER?

There is an old joke that circulated amongst IT professionals during the 1980s – this joke goes as follows.  A man goes up to an ATM puts his card in the machine and requests some cash.  The machine accepts his card and PIN but doesn’t give out any cash.  He goes into the bank and tells a cashier what has happened.  The cashier replies – “that’s strange because we just had brand new software installed this morning”.  This joke is probably not funny if you bank with RBS in the UK . I normally write about IT security issues so – why is it that this entry is about managing change.  Well -...

Blog

Security out of the Blue

If you were asked to think of an IT security firm perhaps IBM would not be top of the list.  However IBM has a significant set of products in this market and it manages the security of its customers’ outsourced and cloud systems, as well as that of its very large internal IT operations.  Following the acquisition of Q1 Labs late last year IBM is reorganizing to bring together all the security products under one division.  Well large companies are forever re-organizing so why does this change matter?  In short this is important because it reflects the increasing level of cyber risk and the...

Blog

THE DIMINISHING NETWORK PERIMETER

I just returned from NISC - the National Information Security Conference - held this year in Cumbernauld in Scotland. The theme of this event was “the diminishing network perimeter”. With the advent of smart phones, tablets, Kindles and BYOD, the boundaries between the work and home environment have dissolved so how do you maintain the security of your corporate network? How does this impact on the corporate network, and how much can you put into the cloud? There were many interesting sessions around this theme and, as well as giving a talk on the Deadly Sins of Cloud computing, I...

Blog

Choosing the Right Cloud

Adopting Cloud computing can save money, but it is important to choose the right Cloud solution for your business need. KuppingerCole have produced a Scenario Report – Understanding Cloud Computing to help you make the right choice. The Cloud provides an alternative way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost.  It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. The Cloud is not one thing; it covers a wide spectrum of types of...

Blog

CLOUD COMPUTING DEADLY SINS

Adopting Cloud computing can save money, you need to avoid the seven deadly sins. The Cloud provides an increasingly popular way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost. It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. However - many organizations are sleepwalking into the Cloud. Moving to the Cloud may outsource the provision of the IT service, but it does not outsource the customer’s responsibilities. There are issues that may be...


KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Subscribe to our Podcasts

KuppingerCole Podcasts - watch or listen anywhere


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00