Data Privacy Monitor

Data Privacy Monitor

Commentary on Data Privacy & Information Security Subjects

Category Archives: Cloud Computing

Subscribe to Cloud Computing RSS Feed

Deeper Dive: The Case of the Mysteriously Missing Security Breach in the Cloud

Posted in Cloud Computing
For years now, there has been much talk and concern regarding the security risks associated with storing sensitive data in the cloud. These concerns are not unfounded. Hackers have grown more and more sophisticated, and a large cloud service provider is a high-profile and data-rich target, holding the sensitive information of thousands of companies and… Continue Reading

Five Practice Pointers: Risk Allocation in Enterprise Cloud Service Agreements

Posted in Cloud Computing
Outsourcing information technology functions to the cloud entails risk for both companies and cloud service providers, especially when sensitive data is stored in the cloud. Sensitive data carries business risk and may be subject to a host of legal and regulatory requirements. Cloud service agreements, which typically use the cloud service provider’s forms, do not… Continue Reading

HIPAA, Business Associates, and the Cloud

Posted in Cloud Computing, HIPAA/HITECH, Medical Privacy
Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule.  Liable for violations under the Security Rule, a business associate must comply with use or disclosure limitations in its contract, as well as limitations expressed in the Privacy Rule.  A business associate… Continue Reading

Can Big Data Analytics Help Prevent the Next Operation Shady RAT?

Posted in Cloud Computing, Information Security
On July 28, 2011, McAfee released a white paper (reg. req’d.) detailing its investigation of a targeted intrusion into more than 70 companies and government organizations over the past five years by an APT—an attack McAfee called Operation Shady RAT.  By gaining access to a command and control server that was used in the attacks,… Continue Reading

PCI Security Council Releases Standards Guidance for Virtual Environments

Posted in Cloud Computing, Payment Card Industry
Over half of the companies surveyed by Trend Micro in May 2011 reported having cloud computing services being developed, implemented, or already in production.  The survey also reports that security concerns continue to be a primary reason companies are holding back their adoption of cloud computing.  The security concerns related to virtual environments are heightened… Continue Reading

Practicing Law Institute Explores Key Considerations in Cloud Vendor Agreements

Posted in Cloud Computing
One of the most significant trends in technology is the growing acceptance of cloud computing. Cloud computing is the on-demand network access to a shared pool of computing resources which can be rapidly deployed or contracted.  Many companies are using the cloud computing model to offer their proprietary software as a service (SaaS) which can… Continue Reading

Catching Up on Cloud Computing

Posted in Cloud Computing, Information Security
 If you are considering cloud computing and need to address related data privacy concerns, the articles discussed below provide an explanation of how cloud computing actually works to help you with your analysis.  The National Institute of Standards and Technology (NIST) recently revised its definition of cloud computing: “Cloud computing is a model for enabling… Continue Reading