The Seamless Enterprise

Comprehensive news and discussion of enterprise communications and converged network solutions.

Diligently Assessing Cloud Service Providers

on August 13, 2012 by Braj Thakur

We talked the other day about the cloud and compliance issues, and after writing that, we came across an item that drives that point home.

According to this article at the Bank Info Security website, the Federal Financial Information Examination Council is casting a wary eye at the cloud model, in light of past and potential data breaches. It has produced a four-page resource document designed to help financial institutions "better understand and address (the) unique risks posed by outsourced cloud-based services."

Suggesting the need for more robust controls due to the nature of the cloud, the council recommends that organizations "look beyond potential benefits and perform a thorough due diligence and risk assessment." We'd be surprised if any decent organization in what is one of the most heavily regulated industries in the country didn't perform that sort of due diligence, but we suppose it never hurts to be reminded.

The document focuses on this necessary due diligence, as well as ongoing vendor management, information security, audits, legal and regulatory compliance, and business continuity planning. It also raises some cloud-specific concerns such as data classification – how sensitive is the data and what controls, such as encryption, need to be in place for proper protection. And data segregation, determining whether the financial institution's data will share any resources with other clients of the cloud provider. And recoverability, in case of disasters or any other service interruption.

While the council focuses in this document on the cloud provider, regular readers here know that the network that connects the enterprise with its provider is equally important. Some of the key recommendations in areas such as business continuity could not be achieved without the capability and scaling capacity of strong network providers such as Sprint.

"Just using the Internet" is hardly a valid option when the data really matters, and particularly when it is highly confidential as in the case of financial institutions. Network security and reliability are absolutely critical anytime an organization's data is at stake. 

By the way, if you missed our earlier post on compliance, you can read it here.

CATEGORIES: Collaboration, Connectivity, Management
COMMENTS (0)
TAGS: , , , , , , , , , ,

Comments (0) Leave a Comment

Add a comment:

Name:
Email:
Website:

  • Comment
  • Preview
Loading


About the Author

As Product Marketing Manager, Braj Thakur is currently leading cloud computing initiatives for Sprint and is heavily involved in mobile enablement. In his career at Sprint, Braj has played key roles in several trend-setting mobility initiatives, including the first text messaging platform, first wireless web platform, first picture mail, first mobile broadband data card, and the 3G and 4G platform buildout. Braj is an expert in application integration, mobile solution development, database architecture and administration, ITIL implementation, data center-server-storage consolidation, and migration. He has 27 patent applications in the areas of business continuity, mobile content delivery, storage, computing, database management, and disaster recovery. Braj is known for his keen sense of identifying and capitalizing on emerging trends and business model changes by focusing on product and technology portfolio design. He has a degree in Computer Science along with a MBA.

Share

More news
from sprint

Register here to receive
future newletters
from Sprint.

Register