A was first mooted. Since then we have come

A
common question in
almost every business and IT function is whether the offerings of
cloud service providers (CSPs) are more or less secure than information technology (IT) services that are
delivered through internal, on-premise implementations.
This is not unlike the very first reactions of IT functions in the
1990’s when
the idea of using outsourced
services was first mooted.
Since then we
have come to accept that using service providers and outsourcers is a normal way of conducting
business, and very few organisations – if any – stand
entirely alone.

 

Cloud services
is in many ways an evolution of outsourcing and by analogy many companies are treating the risks and means of control as
just another outsourcing exercise.
Yet this
approach may be flawed, because true CSPs
aspire to offer services to many customers that are delivered
from a shared platform. The relationship is not 1:1. The ‘multi-tenant’ nature of the cloud therefore raises many different questions and concerns, especially
when it comes to security.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

The purpose of this white paper is to explore the risks that concern
security practitioners and the security controls that cloud service providers are deploying to address them, particularly in the
context of multi-tenancy. The findings
are the result of the analysis of views
gained
from a series of
workshops
and roundtables held
with security practitioners from companies
drawn across a range of
industry sectors. This has been combined with
insights provided
by advisory firm consultants with
client experience with
both cloud service providers
and
their customers. The end result, according

to both
the
author (Dorey) and many other security practitioners (Forrester), is that multi-tenant

cloud systems can be at least as
secure as important types of on-premise
system and may in
some cases
be even more secure.

A
common question in
almost every business and IT function is whether the offerings of
cloud service providers (CSPs) are more or less secure than information technology (IT) services that are
delivered through internal, on-premise implementations.
This is not unlike the very first reactions of IT functions in the
1990’s when
the idea of using outsourced
services was first mooted.
Since then we
have come to accept that using service providers and outsourcers is a normal way of conducting
business, and very few organisations – if any – stand
entirely alone.

 

Cloud services
is in many ways an evolution of outsourcing and by analogy many companies are treating the risks and means of control as
just another outsourcing exercise.
Yet this
approach may be flawed, because true CSPs
aspire to offer services to many customers that are delivered
from a shared platform. The relationship is not 1:1. The ‘multi-tenant’ nature of the cloud therefore raises many different questions and concerns, especially
when it comes to security.

 

The purpose of this white paper is to explore the risks that concern
security practitioners and the security controls that cloud service providers are deploying to address them, particularly in the
context of multi-tenancy. The findings
are the result of the analysis of views
gained
from a series of
workshops
and roundtables held
with security practitioners from companies
drawn across a range of
industry sectors. This has been combined with
insights provided
by advisory firm consultants with
client experience with
both cloud service providers
and
their customers. The end result, according

to both
the
author (Dorey) and many other security practitioners (Forrester), is that multi-tenant

cloud systems can be at least as
secure as important types of on-premise
system and may in
some cases
be even more secure.