The Cloud Beckons, But is it Safe?

What We’ll Cover Today

Introductions

Introductions

What is The Cloud?

LSC Grantees are Using It

The Lure of the Cloud

Why the Concern?

Cloud Security in the News

Technology and Legal Ethics

Under Siege

But We Do Lots of Things on the Internet

How Secure is Your On-Site Data?

Myth

Fact

Myth

A Cloud Data Center

Is This Your Server Closet?

What Does Security Mean?

The Three Pillars of Information Security

Confidentiality

Integrity

Availability

Also: Physical Possession

What Does Security Mean for You?

Rules for Absolute Safety

Know What You’re Protecting

Red Flags

Privilege and Waiver

What’s Your Exposure?

What’s The Impact of an Outage?

Testing Your On-Site Security

A Multi-Level Security Model

Multi-Level Security is the Ideal

Physical Security

Network Security

Transmission Security

Access Controls

Data Protection

What to Look For in a Vendor

Description of Security Mechanisms

Uptime

Terms of Service

Regulatory Compliance: HIPAA

Regulatory Compliance: SAS70 and SSAE16

Regulatory Compliance: PCI DSS Compliance

In Summary

Understand the Value of Your Data

Your Data Is No Safer Than You Make It

But Many Vendors Make Your Data Really Safe

Questions?