Blog posts by Mike Small

Blog

Top Ten Tips for Negotiating and Assuring Cloud Services

KuppingerCole research confirms that “security, privacy and compliance issues are the major inhibitors preventing organizations from moving to a private cloud.”  Our report on Cloud Provider Assurance provides information in depth on how to manage these issues.  Here is a summary of our top ten tips on negotiating and assuring cloud services. Consistent IT governance is critical: The cloud is just an alternative way of obtaining IT services and, for most organizations; it will be only one component of the overall complex IT service infrastructure.  IT Governance provides a way to...

Blog

Data Breaches during 2012 demonstrate the need for better information stewardship

Was 2012 a big year for IT security breaches? Whilst I don’t have quantitative information on exactly how many data breaches there were during 2012.  However, during this period, there were many prosecutions, enforcement notices and monetary penalties issued by the ICO (UK Information Commissioner's Office).  These included a record monetary penalty of £325,000 for a hospital in the UK where discs containing patient data were sold on the internet , a penalty of £150,000 for Greater Manchester Police where an officer lost an memory stick with unencrypted information relating to...

Blog

Negotiating and Assuring Cloud Services

Adopting cloud computing means moving from “hands on” management of IT services within the organization to “hands off” IT management using governance, service level agreements and contracts. This approach sits uneasily with many IT people whose education, training and experience are in the delivery of services rather than negotiation and governance. Nevertheless the IT department is an important player in ensuring that an organization gets what it needs from the cloud.  IT Service and Security Management are key components of the KuppingerCole IT paradigm which identifies the important...

Blog

RSA Conference 2012 Podcast: Cloud Provider Assurance

Cloud computing provides organisations with an alternative way of obtaining IT services. However many organisations are reluctant to adopt the Cloud because of concerns over information security and loss of control. This presentation covers assurance approaches to managing the Cloud including CSA Controls Matrix, SSAE16/ISAE3401, BITS Shared Assessments and ISO 27001. RSACE2012 Podcast: GRC-301: Cloud Provider Assurance Listen to the podcast now: [audio:http://rsa.edgeboss.net/download/rsa/rsaconference/2012/eu/podcasts/RSAC_08-30-12-GRC-301.mp3] Or download the audio file...

Blog

A CHANGE FOR THE BETTER?

There is an old joke that circulated amongst IT professionals during the 1980s – this joke goes as follows.  A man goes up to an ATM puts his card in the machine and requests some cash.  The machine accepts his card and PIN but doesn’t give out any cash.  He goes into the bank and tells a cashier what has happened.  The cashier replies – “that’s strange because we just had brand new software installed this morning”.  This joke is probably not funny if you bank with RBS in the UK . I normally write about IT security issues so – why is it that this entry is about managing change.  Well -...

Blog

Security out of the Blue

If you were asked to think of an IT security firm perhaps IBM would not be top of the list.  However IBM has a significant set of products in this market and it manages the security of its customers’ outsourced and cloud systems, as well as that of its very large internal IT operations.  Following the acquisition of Q1 Labs late last year IBM is reorganizing to bring together all the security products under one division.  Well large companies are forever re-organizing so why does this change matter?  In short this is important because it reflects the increasing level of cyber risk and the...

Blog

THE DIMINISHING NETWORK PERIMETER

I just returned from NISC - the National Information Security Conference - held this year in Cumbernauld in Scotland. The theme of this event was “the diminishing network perimeter”. With the advent of smart phones, tablets, Kindles and BYOD, the boundaries between the work and home environment have dissolved so how do you maintain the security of your corporate network? How does this impact on the corporate network, and how much can you put into the cloud? There were many interesting sessions around this theme and, as well as giving a talk on the Deadly Sins of Cloud computing, I...

Blog

Choosing the Right Cloud

Adopting Cloud computing can save money, but it is important to choose the right Cloud solution for your business need. KuppingerCole have produced a Scenario Report – Understanding Cloud Computing to help you make the right choice. The Cloud provides an alternative way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost.  It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. The Cloud is not one thing; it covers a wide spectrum of types of...

Blog

CLOUD COMPUTING DEADLY SINS

Adopting Cloud computing can save money, you need to avoid the seven deadly sins. The Cloud provides an increasingly popular way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost. It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. However - many organizations are sleepwalking into the Cloud. Moving to the Cloud may outsource the provision of the IT service, but it does not outsource the customer’s responsibilities. There are issues that may be...

Blog

EVERY MOVE YOU MAKE I’LL BE WATCHING YOU

Is your location private? If you have installed an App on a smartphone it is almost certain that your location is being tracked. So should you care? Are you giving away details of your movements too cheaply? Is being able to track where your children are a benefit or a risk? To find the answers to these and other questions, on December 12th I attended “A Fine Balance 2011: Location and Cyber privacy in the digital age” sponsored by the UK Knowledge Transfer Network. The title to this article is taken from the lyrics of a 1983 song by “The Police” that was used as the basis of a talk...


KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

KuppingerCole on social media

Subscribe to our Podcasts

KuppingerCole Podcasts - listen anywhere


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00