Security professionals at organizations adopting cloud computing solutions must put in place policies, processes and relationships that will result in keeping enterprise data safe. This industry perspective recommends:
- Adopting high-level information security policies as well as granular procedures and standards for implementing those policies;
- Including specific security provisions, such as breach notification methods and compliance strategies, in contracts with cloud vendors;
- Creating formal processes for reviewing and proving the effectiveness of cloud implementations.