new-technologies-dont-define-security-practices-they-refine-them

New Technologies Don’t Define Security Practices, They Refine Them.

By | October 18, 2012

Cloud security is about leveraging everything we’ve learned over decades of computer security, centuries of information security and millennia of physical security. It is about applying those practices to deliver a transparent and inclusive control model that protects your information and ensures its availability, confidentiality and integrity regardless of where it resides.

We’ve drawn from our experience as both data center operators and members of a Fortune 500 telecommunications organization to design products for our customers.

While many organizations are out there insisting that the cloud changes everything, we’ve been focused on ensuring ReliaCloud’s security framework is built on a combination of administrative, physical and technical controls.   We understand that a successful cloud partnership comes from shifting some of the operational challenges of IT management to a cloud service provider, while still retaining the correct oversight to ensure risks are managed correctly.

Let’s look at a few of the key controls we’ve incorporated in to ReliaCloud to ensure the security of the information assets you place in our care.  From an administrative control perspective, our:

  • Security policy and procedure practice draws from a collection of:  common industry practices, regulations and governance frameworks (e.g. ISO 27001/27002, NIST 800-53)
  • Network elements and systems undergo regular security patching to address software vulnerabilities as they are discovered based on the severity of potential exposure.
  • Periodic audits, including our SSAE 16 SOC1, ensure the effectiveness of the controls we’ve implemented to protect your information
  • Ongoing assessments of our security practices identify opportunities for continuous improvement as well as emerging threats
  • Contractual terms include:
    • Confidentiality clauses for the sharing of information between organizations
    • Protocols for communication in the event of a suspected security breach
    • Liability implications for our organization in the event of a breach
    • Mechanisms for disposal of data at the termination of business
    • Commitment on the geographical placement of your information

What would you like to see in the future when it comes to helping your business scale safely with the help of cloud computing?  Share your insight in a comment below.  If you would like to learn more or have some questions answered, feel free to contact us today.

Leave a Comment

Comment

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Want to learn more about VISI? Check out the About Us page.