1 / 5

Risk Management in the Cloud

Steve Mutkoski Microsoft Corporation. Risk Management in the Cloud. The Changing Landscape. Transition to Cloud services has had some complex and sometimes unintended consequences for both vendors and customers

gala
Download Presentation

Risk Management in the Cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Steve Mutkoski Microsoft Corporation Risk Management in the Cloud

  2. The Changing Landscape • Transition to Cloud services has had some complex and sometimes unintended consequences for both vendors and customers • For many vendors, the move from making and shipping “boxed product” to operating functionally similar cloud services has raised many new issues • Some vendors have had different paradigm shifts, moving from purely retail world or consumer/advertising world

  3. The Evolution of Commodity Cloud Services • Leverage product or services background to build low cost, general purpose, commodity cloud services • General purpose allows building at massive scale • But there is tension between general purpose concept and the complex regulatory landscape that some customers face • Regulatory landscape also varies from one industry segment to another • Tensions can be accented by vendor business model and origins

  4. Some Reflections • Customers need cloud provider to be an integral part of customer risk management strategy • Core set of “must haves” across many/all industry segments • Key industry or vertical requirements that are likely necessary to market cloud services at scale? • Ability to use standards to drive more similarity across worldwide landscape? • Questions are easier asked then answered

  5. Examples • Family Educational Rights and Privacy Act (FERPA): US law that regulates use of student records and that clearly impacts faculty email delivered through a cloud service • Cloud Contracting: Outsourcing E-MAIL@YOURUNIVERSITY.EDU http://counsel.cua.edu/FERPA/publications/NACUANoteCloudContract.cfm • Health Insurance Portability and Accountability Act (HIPAA): US law that protects the privacy of individually identifiable health information and that impacts a wide range of customers seeking to use a cloud email service • “Arizona Practice Gets $100K Fine” (Cloud based calendaring) • Data Protection: EU Model Contract Clauses • Data Location and Data Sovereignty

More Related