Can an organization trust an IT service provided through the cloud? A survey by KuppingerCole showed that cloud security issues (84.4%) and cloud privacy and compliance issues (84.9%) are the major inhibitors preventing organizations from moving to a private cloud.
The answer to this question can be found in the old Russian maxim, which was often quoted by President Ronald Regan: trust but verify.
Cloud services are outside the direct control of the customer organization; this means that a governance based approach is needed. This approach allows trust in the CSP to be assured through a combination of internal processes, standards and independent assessments.
In this podcast recorded at RSA Conference Europe 2012, Mike Small, an analyst at Kuppinger Cole and member of ISACA, offers his top ten tips for assuring cloud services.
Listen to the podcast here.