|By PR Newswire||
|July 27, 2009 02:16 PM EDT||
DENVER, July 27 /PRNewswire/ -- Compliance Research Group (CRG), an industry analyst firm focused on IT risk management and compliance, has completed its latest Research Brief on cloud computing compliance and IT security. The brief, Managing Compliance and Security for Cloud Computing, provides insight on how a top-down view of all IT resources within a cloud-based location can deliver a stronger management and enforcement of compliance policies. CRG analysts recommend compliance and security managed from a cloud platform to properly monitor and control a mix of sensitive information resources located in both cloud-based and enterprise applications.
This latest Research Brief from CRG is available for free at http://tinyurl.com/ns7n9b
"Sensitive covered information inside trusted enterprise networks traditionally have been secure islands managed individually," said Mark Willoughby, a principal and lead analyst at CRG. "Adopting cloud computing means organizations must update how they identify threats and deploying defenses. Efficient and effective risk management for compliance policies governing covered information in both the cloud and trusted enterprise networks demands a new perspective."
According to the CRG research, distributed resources are best monitored from a top-down cloud perspective to correlate user actions and events across a wide scale. Isolated or stand-alone networks and resources lack visibility into cloud-based resources, and cannot offer the unified compliance perspective required by centralized risk management policies and procedures.
Without the top-down perspective the risk of redundancy and duplication increases, and the valuable intelligence gained by correlating events and actions across all resources does not exist. For instance, correlations are the best way to gain clarity into attacks on multiple addresses originating from anonymous cloud-based locations, a favorite denial of service tactic most recently used against South Korean and U.S. government websites.
"We apply a lesson from history to the cloud-based risk management approach - using the barbarians to conquer the barbarians. Throughout history, since Rome defeated Carthage, risks have been reduced and attacks thwarted by borrowing strategies and tactics from adversaries," Willoughby said. "Those correlations are best done from the strategic high ground offered by cloud-based compliance policy management. Closer to home, correlating credit card transactions processed inside a trusted enterprise network with fulfillment and shipping information located in a cloud-based service can reveal the probability of fraud."
About Compliance Research Group
Compliance Research Group (www.complianceresearchgroup.com) is a Denver-based analyst firm offering custom risk management research and marketing guidance to the IT, security and compliance community. The firm's principal analysts have decades of experience developing IT security strategies and consulting with enterprise IT organizations and solutions providers.
SOURCE Compliance Research Group
- [slides] Government Cloud | @CloudExpo @Govplace #IoT #FedRAMP #ITIL
- Surviving the Coming 'Hackerpocalypse' | @CloudExpo #API #Cloud #Security
- Government Can Influence Cloud Interoperability | @CloudExpo #API #SaaS #Cloud #FedRAMP
- TAP Accelerates #ArtificialIntelligence | @CloudExpo #AI #BigData #Hadoop
- NATO ACT 'Art of the Possible' Interoperability Demonstration
- Should Data Centers Think? | @CloudExpo #Cloud #Agile #Analytics #DataCenter
- The Path to Your Future | @CloudExpo #AI #ML #Cloud #DigitalTransformation
- The Enterprise Network | @ThingsExpo #IoT #M2M #DigitalTransformation
- Business Chatbots Taking Over | @CloudExpo #AI #ML #IoT #M2M #Cloud
- CloudMASTER® Pays Well In The US Great Northwest
- The Top 150 Players in Cloud Computing
- Cloud Expo New York Call for Papers Now Open
- Cloud Expo New York to Attract More Than 8,000 Delegates
- Cloud Expo 2011 East To Attract 10,000 Delegates and 200 Exhibitors
- Industry Experts Discuss the State of Cloud Computing
- Publishing Synergy: Blog, Twitter and Ulitzer
- The Five Characteristics of Cloud Computing
- NPR Asks: Will Cloud Computing Work in the White House?
- CIA was Headed to an Enterprise Cloud All Along: Jill Tummler Singer
- Cloud Expo New York Speaker Profile: Jill T. Singer – Federal CIO Emeritus