Cloud Computing - Reaping the Benefits and Avoiding the Pitfalls. Stuart James & Delizia Diaz. Intellectual Property & Technology Webinar
|
|
- Ursula Jenkins
- 5 years ago
- Views:
Transcription
1 Intellectual Property & Technology Webinar Cloud Computing - Reaping the Benefits and Avoiding the Pitfalls Stuart James & Delizia Diaz 37 Offices in 18 Countries Birmingham Wednesday, 11 July 2012
2 Speakers Stuart James Delizia Diaz Partner Associate T: T: M: M: E: E: 2
3 Webinar Agenda An overview of Cloud Computing Opportunities presented by the Cloud Key risk areas A silver lining for the Cloud? 3
4 Cloud Computing Overview (1) What is Cloud Computing? Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. * Build Your Own Subscribe, Plug In, Pay-per-Use 4 *National Institute of Standards and Technology (NIST), SP , September 2011.
5 Cloud Computing Overview (2) Well known Cloud Computing offerings 5
6 Cloud Computing Overview (3) CLOUD Deployment Models Public Customer Customer Customer Private VPN / leased line or Internet link Single customer Hybrid Community 6 Multi-tenancy model
7 Cloud Computing Overview (4) CLOUD Service Models IaaS Infrastructure as a Service PaaS Platform as a Service SaaS Software as a Service Infrastructure Infrastructure Platform Infrastructure Platform Application 7
8 Opportunities and Benefits Lower costs: No upfront investment in servers/data centres No software licensing No software updates for customers/maintenance costs Scalability On-demand: Pay for what you use (bandwidth/server space, etc.) Enhanced Security Faster implementation IT Team focus on core business Access to latest IT upgrades/developments 8
9 Cloud Computing - Key Risk Areas Cloud provider service commitments Standard provider offering: as is, as available Clear service specifications Key service levels: Functionality Availability Performance Back-up Disaster Recovery-Business Continuity Measurement/Reporting Remedies? (Service credits/other types of damages) 9
10 Cloud Computing - Key Risk Areas Data location and traceability Retain some level of control over data location/storage Regional/country offering Traceability/audit trail requirements 10
11 Cloud Computing Key Risk Areas Information Security - Security requirements Data in Transit Secure encryption (SSL) Data at Rest Physical Security Logical Security Encryption (shortcomings?) Access rights management/ audit trails Virtual segregation/multi-tenancy architecture External intrusions/network attacks Staff access controls 11
12 Cloud Computing Key Risk Areas Information Security (Cont d) Assessment of compliance with security requirements Contractual commitments Audits Certifications Incident response Notification Cooperation 12
13 Cloud Computing - Key Risk Areas Investigations and litigation Accessing data: Cloud users: Ability to retrieve data (e.g. internal investigations, data protection request, internal or external audit requests, etc) Cloud providers - third party requests (e.g. subpoenas) What are the provider s obligations? 13
14 Cloud Computing - Key Risk Areas Regulatory and legal compliance EU Data Protection compliance Consent Access requests Security of personal data Subcontractors Transfers outside of the EEA Data loss/breach notification 14
15 Cloud Computing - Key Risk Areas Regulatory and legal compliance (Cont d) State/country specific requirements US: Patriot Act, Sarbanes Oxley, Gramm Leach Bliley Act, Electronic Communications Privacy Act UK : Regulation of Investigatory Powers Act Sector/organisation specific governance or compliance requirements (e.g. Health Insurance Portability and Accountability Act, Health Information Technology, for Economic and Clinical Health Act, FSA in UK, telecoms, etc) Export/trade restrictions (e.g. encryption, EU dual use, etc) 15
16 Cloud Computing - Key Risk Areas Contractual (or externally imposed) limitations and restrictions Audits required by cloud user s customers Restrictions on data location Scope of software licences Restrictions on indemnities (e.g. government contracts) PCI DSS compliance 16
17 Cloud Computing - Key Risk Areas Lock- in, exit and service transfer Proprietary systems Loss of IT expertise Lack of exit support lock-in Lock-in? Risk mitigation: Open standards Return of data Data deletion Migration support Data back-up Escrow 17
18 Cloud Computing - Key Risk Areas Cloud provider s liability Standard terms take it or leave it Limited warranties Wide exclusions of or caps on liability (including loss of profit) Public vs Private Cloud 18
19 Cloud Computing - Key Risk Areas Insurance Existing policies: business interruption insurance coverage? Specific policies: cyber liability insurance 19
20 Recommended Steps Assessment of business goals What applications and data will be migrated to the Cloud? Prior due diligence checks is your provider financially viable and can they technically deliver? Clear understanding of risks what if it all goes wrong? Technical and legal assurances provided by cloud providers (including security requirements) Carefully negotiate contracts (focus on key business areas?) Monitor compliance on a regular basis 20
21 A Silver Lining for the Cloud? Competition between providers willingness to negotiate terms service offering market consolidation Development of specific standards - industry codes & certifications Privacy by design Developments and adaptation of EU privacy laws to new technologies? Insurance 21
22 Contacts Stuart James Delizia Diaz Partner Associate T: T: M: M: E: E: 22
23 Worldwide Locations North America Latin America Europe & Middle East Asia Pacific Cincinnati Northern Virginia Bogotá+ Beirut+ Leeds Beijing Cleveland Palo Alto Buenos Aires+ Berlin London Hong Kong Columbus Phoenix Caracas+ Birmingham Madrid Perth Houston San Francisco La Paz+ Bratislava Manchester Shanghai Los Angeles Tampa Lima+ Brussels Moscow Singapore Miami Washington DC Panamá+ Bucharest+ Paris Tokyo New York West Palm Beach Rio de Janeiro Budapest Prague Santiago+ Frankfurt Riyadh+ Santo Domingo Kyiv Warsaw 23 + Independent Network Firm
Association of Corporate Counsel
Type in document reference # if needed Privacy protection in a Globalized World Association of Corporate Counsel New York, 24 March 2015 1 The plan Bringing out the main cross-border privacy issues for
More informationCloud Computing: Overcoming the Legal and Regulatory Challenges. November
Cloud Computing: Overcoming the Legal and Regulatory Challenges November 2011 2 Cloud Computing: Overcoming the Legal and Regulatory Challenges November 2011 Cloud Computing Overcoming the Legal and Regulatory
More informationINTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE
INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE INTRODUCTION AGENDA 01. Overview of Cloud Services 02. Cloud Computing Compliance Framework 03. Cloud Adoption and Enhancing
More informationHOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA
HOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA Ksenia Andreeva Anastasia Dergacheva Vasilisa Strizh November 27, 2018 2018 Morgan, Lewis & Bockius 2017 Morgan, Lewis & Bockius Contents News from the Russian
More informationCloud Computing, SaaS and Outsourcing
Cloud Computing, SaaS and Outsourcing Michelle Perez, AGC Privacy, IPG Bonnie Yeomans, VP, AGC & Privacy Officer, CA Technologies PLI TechLaw Institute 2017: The Digital Agenda Introduction to the Cloud
More informationCloud Computing Legal Issues Practising Law institute 2015 San Francisco New York Chicago
Cloud Computing Legal Issues Practising Law institute 2015 San Francisco New York Chicago Peter J. Kinsella 303/291-2328 Agenda Introduction and overview of cloud computing technologies Frequently raised
More informationEY Cyber Response Services. Plan. React. Recover.
EY Cyber Response Services Plan. React. Recover. Insurance claim preparation Data recovery How EY can help Data privacy and GDPR compliance Cyber planning Our full suite of cyber capabilities Litigation
More informationDealing with Security and Security Breaches
BEIJING BRUSSELS CHICAGO DALLAS FRANKFURT GENEVA HONG KONG LONDON LOS ANGELES NEW YORK PALO ALTO SAN FRANCISCO SHANGHAI SINGAPORE SYDNEY TOKYO WASHINGTON, D.C. Dealing with Security and Security Breaches
More informationThe IBM Platform Computing HPC Cloud Service. Solution Overview
The IBM Platform Computing HPC Cloud Service Solution Overview Industry-leading workload management 20 years managing distributed scale-out systems with 2000+ customers in many industries High performance
More informationGDPR Privacy Webinar. Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018
GDPR Privacy Webinar Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018 Prioritizing Your Path to GDPR Compliance Presented by Half-Day Workshops Online
More informationTitolo della presentazione 1
GLOBAL FORUM 2003 Introducing stance Rome, November 6th, 2003 2 Why TI Sparkle: to strengthen TI s international position by leveraging on foreign assets and capabilities Introducing Understanding the
More informationThe Stakes Are Going Up: Hacking and the New Paradigm of Data Breaches
The Stakes Are Going Up: Hacking and the New Paradigm of Data Breaches Edward McNicholas Global Co-Leader, Privacy, Data Security and Information Law Sidley Austin LLP The cyber threat is one of the most
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationProposed WEEE Directive A Step-by-Step Analysis
Proposed WEEE Directive A Step-by-Step Analysis NEMI Product Take-Back and Recycling Workshop October 10-11 Louisville, Colorado Jean-Philippe Brisson, attorney jp.brisson@allenovery.com Outline Section
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationFDA Releases FSMA Final Rule on Accreditation of Third Party Certification Bodies
Hogan Lovells US LLP Columbia Square 555 Thirteenth Street, NW Washington, DC 20004 T +1 202 637 5600 F +1 202 637 5910 www.hoganlovells.com MEMORANDUM From: Joseph A. Levitt Elizabeth Barr Fawell Maile
More informationThe Impact of Cybersecurity, Data Privacy and Social Media
Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus
More informationCloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Standard Effective Date: July 28, 2015 1.1 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationAuditing the Cloud. Paul Engle CISA, CIA
Auditing the Cloud Paul Engle CISA, CIA About the Speaker Paul Engle CISA, CIA o Fifteen years performing internal audit, IT internal audit, and consulting projects o Internal audit clients include ADP,
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationIT Audit Process Prof. Liang Yao Week Two IT Audit Function
Week Two IT Audit Function Why we need IT audit A Case Study What You Can Learn about Risk Management from Societe Generale? https://www.cio.com/article/2436790/security0/what-you-can-learn-about-risk-management-fromsociete-generale.html
More informationCYBER THREATS, ACTIVE DEFENSE, AND THE BUSINESS AND LEGAL IMPACTS. October 20, Robert Silvers
CYBER THREATS, ACTIVE DEFENSE, AND THE BUSINESS AND LEGAL IMPACTS October 20, 2017 Robert Silvers +1 202 551 1216 robertsilvers@paulhastings.com Haiyan Tang +86 21 6103 2722 haiyantang@paulhastings.com
More informationBuilding Trust in the Era of Cloud Computing
Building Trust in the Era of Cloud Computing ICMC 2017 Conference May 17, 2017 v1.0 David Gerendas Group Product Manager TRUST A FIRM belief in the! Reliability! Truth! Ability of someone or something.
More informationData Security: Public Contracts and the Cloud
Data Security: Public Contracts and the Cloud July 27, 2012 ABA Public Contract Law Section, State and Local Division Ieuan Mahony Holland & Knight ieuan.mahony@hklaw.com Roadmap Why is security a concern?
More informationOne Planet. One Network. Infinite Possibilities.
One Planet. One Network. Infinite Possibilities. IPv6 in the Global Crossing IP Network May 26, 2005 Ed Bursk, Vice President Government Global Crossing Overview Global Crossing was founded seven years
More informationCloud Computing. Presentation to AGA April 20, Mike Teller Steve Wilson
Presentation to AGA April 20, 2017 Mike Teller Steve Wilson Agenda: What is cloud computing? What are the potential benefits of cloud computing? What are some of the important issues agencies need to consider
More informationKey Customer Issues to Consider Before Entering into a Cloud Services Arrangement
Key Customer Issues to Consider Before Entering into a Cloud Services Arrangement Law Seminars International December 9, 2014 Peter J. Kinsella 303/291-2328 The information provided in this presentation
More informationPRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology 24 October 2017 Content Overview of Cyber Security Law Observations on Implementation of Cyber
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More information2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action
2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Casie D. Collignon Partner Denver 303.764.4037 ccollignon@bakerlaw.com
More informationPublic vs private cloud for regulated entities
Public vs private cloud for regulated entities DC2: Restricted use The cloud is for everyone but not for everything 2 Opportunity enabler DC2: Restricted use Flexibility SAAS Public Accessibility Agility
More informationSecurity Models for Cloud
Security Models for Cloud Kurtis E. Minder, CISSP December 03, 2011 Introduction Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer
More informationLEVEL 3 SM WEBSITE ACCELERATION SERVICES
LEVEL 3 SM WEBSITE ACCELERATION SERVICES WEBSITE CONSUMERS ARE IMPATIENT, which makes your website performance extremely critical. Whether you are delivering content to a desktop, tablet or mobile device,
More informationNYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
More informationCloud First Policy General Directorate of Governance and Operations Version April 2017
General Directorate of Governance and Operations Version 1.0 24 April 2017 Table of Contents Definitions/Glossary... 2 Policy statement... 3 Entities Affected by this Policy... 3 Who Should Read this Policy...
More informationCyber Security Law --- Are you ready?
Cyber Security Law --- Are you ready? Xun Yang Of Counsel, Commercial IP and Technology 9 May 2017 1 / B_LIVE_APAC1:2207856v1 Content Overview of Cyber Security Law Legislative Development Key Issues in
More informationData Security, Integrity and Accessibility in the Cloud
Data Security, Integrity and Accessibility in the Cloud Shared Responsibility Principles for Financial Services Institutions & Cloud Service Providers Introduction This document presents principles intended
More informationGetting to Data Nirvana Data lakes and GDPR
Getting to Data Nirvana Data lakes and GDPR A User's guide 1 Hogan Lovells Data lakes and GDPR: A User's guide 3 Copyright 2018. This report is the property of Hogan Lovells and may not be published or
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationSOC 3 for Security and Availability
SOC 3 for Security and Availability Independent Practioner s Trust Services Report For the Period October 1, 2015 through September 30, 2016 Independent SOC 3 Report for the Security and Availability Trust
More informationCyber Security in M&A. Joshua Stone, CIA, CFE, CISA
Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach
More informationChoosing a Secure Cloud Service Provider
Choosing a Secure Cloud Service Provider Dr. Ricci IEONG, CISSP, CISA, CISM, CCSK, CCSP, CEH,GPEN, GIAC Advisory Board, ISSAP, ISSMP, F.ISFS Vice President Professional Development Cloud Security Alliance
More informationA Checklist for Cybersecurity and Data Privacy Diligence in TMT Transactions
May 2018 TMT INSIGHTS From the Debevoise Technology, Media & Telecommunications Practice A Checklist for Cybersecurity and Data Privacy Diligence in TMT Transactions Companies in the technology, media
More informationWHITE PAPER. Title. Managed Services for SAS Technology
WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive
More informationWhy trading firms choose... Connexus Voice. For Traders
Why trading firms choose... Connexus Voice For Traders Intelligent SIP based Voice Services Financial traders need instant connectivity to their counterparties, and private Connexus Voice circuits provide
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More information1/10/2011. Topics. What is the Cloud? Cloud Computing
Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing
More informationThird-Party Cyber Risk Management Webinar May 23, 2017
Third-Party Cyber Risk Management Webinar May 23, 2017 Today s speakers Nikole Davenport Senior Manager Deloitte & Touche LLP Nikole is a senior manager in Deloitte s Cyber Risk Services practice, specializing
More informationWelcome & Introductions
Addressing Data Privacy and Security Compliance in Cloud Computing Benjamin Hayes, Director of Legal Services, Data Privacy Compliance North America Accenture Copyright 2011 Accenture All Rights Reserved.
More informationEU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationManaging IT in a Cloudy World
10:30 12:10 May 7, 2018 Room 240 Complex 112 th Annual Conference May 6-9, 2018 St. Louis, Missouri Moderator/Speakers: Allison E. Bradsher (Moderator) Chief Financial Officer, City of Raleigh, NC Phil
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationFive Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification
July 2016 Follow @Paul_Hastings Five Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification By Paul Hastings Global Privacy and Cybersecurity
More informationSCCE ECEI 2014 EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS. Monica Salgado JANINE REGAN CIPP/E
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationMitigating Risks with Cloud Computing Dan Reis
Mitigating Risks with Cloud Computing Dan Reis Director of U.S. Product Marketing Trend Micro Agenda Cloud Adoption Key Characteristics The Cloud Landscape and its Security Challenges The SecureCloud Solution
More informationOverview of Key E.U. and U.S. Privacy and Cybersecurity Laws. Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018
Overview of Key E.U. and U.S. Privacy and Cybersecurity Laws Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018 Agenda Principal Obligations Under GDPR Key U.S. Privacy & Cybersecurity Laws E.U.
More informationBuilding Interconnection 2017 Steps Taken & 2018 Plans
Building Interconnection 2017 Steps Taken & 2018 Plans 2017 Equinix Inc. 2017 Key Highlights Expansion - new markets Launch - Flexible DataCentre Hyperscaler edge Rollout - IXEverywhere - SaaS, IoT & Ecosystems
More informationPerforming a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH
Performing a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH 1 Speaker Bio Katie McIntosh, CISM, CRISC, CISA, CIA, CRMA, is the Cyber Security Specialist for Central Hudson Gas &
More informationSecuring the cloud ISACA Korea. Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA
Securing the cloud ISACA Korea Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA What is cloud computing? Source: Wikipedia 2 What is cloud computing A model for enabling:- convenient on-demand network
More informationDue Diligence March 2018 Page 1 of 6. Company
Page 1 of 6 Company Company details Services offered Selectapension Limited, Selectapension House, Eridge Road, Crowborough, East Sussex, TN6 2SL, 01892 669494, www.selectapension.com. Registered in England
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationDATA CENTRES OPERATIONAL ISSUES AND THE CONTRACT. Anthony Day - Associate 20 March 2012
DATA CENTRES OPERATIONAL ISSUES AND THE CONTRACT Anthony Day - Associate 20 March 2012 Agenda Operationally what you need? Key Service Levels Managed Services Co-location When things go wrong contractual
More informationManaging the risks of cloud computing
Managing the risks of cloud computing Technology thought leadership Contents Cloud computing: bringing opportunities and risks 01 Cloud computing: bringing opportunities and risks 02 What is cloud computing?
More informationCopyright 2011 EMC Corporation. All rights reserved.
1 2 How risky is the Cloud? 3 Is Cloud worth it? YES! 4 Cloud adds the concept of Supply Chain 5 Cloud Computing Definition National Institute of Standards and Technology (NIST Special Publication 800-145
More informationInvestor Presentation. February 2016
Investor Presentation February 2016 Disclaimer Forward-Looking Statements This presentation contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended,
More informationCloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017
Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and
More informationWhat is cloud computing? The enterprise is liable as data controller. Various forms of cloud computing. Data controller
A guide to CLOUD COMPUTING 2014 Cloud computing Businesses that make use of cloud computing are legally liable, and must ensure that personal data is processed in accordance with the relevant legislation
More informationHow to Respond to a HIPAA Breach. Tuesday, Oct. 25, 2016
How to Respond to a HIPAA Breach Tuesday, Oct. 25, 2016 This Webinar is Brought to You By. About HealthInsight and Mountain-Pacific Quality Health HealthInsight and Mountain-Pacific Quality Health are
More informationProject Better Energy Limited s registered office is Witan Gate House, Witan Gate West, Milton Keynes, Buckinghamshire, MK9 1SH
PRIVACY NOTICE Curv360 is a part of the Project Better Energy Limited group of companies and is a controller of any personal data you provide. We respect your data and your privacy is important to us.
More informationWhy the cloud matters?
Why the cloud matters? Speed and Business Impact Expertise and Performance Cost Reduction Trend Micro Datacenter & Cloud Security Vision Enable enterprises to use private and public cloud computing with
More informationA Repeatable Cloud-First Deployment Process Model
A Repeatable Cloud-First Deployment Process Model Sponsored By Acknowledgements Authors Lorraine Barnes Luciano Santos Ryan Bergsma Contributors Vincent Campitelli II Matt Keil John Yoeh Daniele Catteddu
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version January 12, 2018 1. Scope, Order of Precedence and Term 1.1 This data processing agreement (the Data Processing Agreement ) applies to Oracle
More informationHISTORY: ADMINISTRATION AND COST CONTROL:
HISTORY: SofiaITC was incorporated in 2012 as a Veteran Owned Small Business (VOSB) Enterprise IT and Cybersecurity Solutions and Services provider by Mr. James Quilty following 21 years of combined Military
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationAT&T Enterprise Hosting Services
AT&T Enterprise Hosting Services Irvine, CA Internet Data Center Last Update: 09.25.2008 2008 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual
More informationProtecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014
Protecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented
More informationOracle Database Vault
An Oracle White Paper July 2009 Oracle Database Vault Introduction... 3 Oracle Database Vault... 3 Oracle Database Vault and Regulations... 4 Oracle Database Vault Realms... 5 Oracle Database Vault Command
More informationThe Evolving Threat to Corporate Cyber & Data Security
The Evolving Threat to Corporate Cyber & Data Security Presented by: Sara English, CIPP/US Sara.English@KutakRock.com 1 http://blogs.wsj.com/law/2015/12/09/employee error leading cause of data breaches
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationCONSIDERATIONS BEFORE MOVING TO THE CLOUD
CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part I By Debbie C. Sasso Principal When talking technology today, it s very rare that the word Cloud doesn t come up. The benefits
More informationDevelopments in Global Data Protection & Transfer: How They Impact Third-Party Contracts
Developments in Global Data Protection & Transfer: How They Impact Third-Party Contracts Rebecca Eisner Partner +1 312 701 8577 reisner@mayerbrown.com Mark Prinsley Partner +44 20 3130 3900] mprinsley@mayerbrown.com
More informationANATOMY OF A DATA BREACH: DEVELOPMENTS IN DATA SECURITY AND CLOUD COMPUTING LAW
ANATOMY OF A DATA BREACH: DEVELOPMENTS IN DATA SECURITY AND CLOUD COMPUTING LAW Janis Kestenbaum (Federal Trade Commission) John O Tuel (GlaxoSmithKline) Alfred Saikali (Shook Hardy & Bacon) Christopher
More informationBroadband Networks in Asia
2002.9.9v5 Broadband Networks in Asia 2002. 9. 26 Kilnam Chon KAIST http://cosmos.kaist.ac.kr Broadband Internet is Asian Phenomenon ( So is Wireless Internet ) Contents 1. Broadband Networks 2. Current
More informationCloud Computing and Its Impact on Software Licensing
Cloud Computing and Its Impact on Software Licensing By Gretchen Kwashnik & Jim Cecil January 25, 2012 What is Cloud Computing? Cloud computing is a model for enabling: on-demand network access to a shared
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationIIB s Risk Management and Regulatory Examination / Compliance Seminar
IIB s Risk Management and Regulatory Examination / Compliance Seminar Cybersecurity: Regulatory Developments and Industry Practices Presented at: CUNY Graduate Center October 25, 2016 9:00 a.m. 10:15 a.m.
More informationGEANT Cloud Framework Agreement
TIM Overview Employees 65,867 Customers (Mln) 126 Revenues (Bn ) 19,718 Data as of December 2015 2 TIM Overview TIM is the leading Italian Telecommunications and ICT provider. In the areas of: fixed and
More informationAon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary
Aon Client Data Privacy Summary Table of Contents Our Commitment to Data Privacy 3 Our Data Privacy Principles 4 Aon Client Data Privacy Summary 2 Our Commitment to Data Privacy Data Privacy Backdrop As
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationCloud Transformation and Significance of Security
Cloud Transformation and Significance of Security Mohit Sharma, Chief Architect & Cloud Evangelist @onlinesince2009 www.cloudsec.com Datacenter Management Change Management Policy Physical Network Management
More informationNE HIMSS Vendor Risk. October 9, 2015 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
NE HIMSS Vendor Risk October 9, 2015 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Does Vendor Management Feel Like This? 2 Vendor Risk Management Lifecycle
More informationCLOUD COMPUTING. Lecture 4: Introductory lecture for cloud computing. By: Latifa ALrashed. Networks and Communication Department
1 CLOUD COMPUTING Networks and Communication Department Lecture 4: Introductory lecture for cloud computing By: Latifa ALrashed Outline 2 Introduction to the cloud comupting Define the concept of cloud
More information