Infosecurity warns on cloud service level agreements

"Once this concept is grasped by IT security professionals," says David Rowe, a member of the Infosecurity Europe Advisory Council and head of business services for the show, "it then becomes possible to extend an organisation's information security and governance envelope around the cloud data resource." Rowe welcomes the news that adoption of cloud services is on the increase, but adds: "I think it is revealing that the research from our colleagues National Cloud and ANS Group shows that only 14% of IT directors and managers think their cloud provider offers a service agreement that meets the needs of their organisation." For him, developing an effective security strategy – and deploying that strategy – is a lot easier than achieving an SLA (service level agreement) that meets the needs of any organisation seeking the highest levels of data protection in the cloud. "The process of negotiating a truly effective SLA, requires a high degree of understanding about cloud data transport and allied resources, as well as the cloud IT resource itself. "That, in turn, mandates that the person doing the negotiating has had the necessary security education required," he warns. The good news, says Rowe, is that, while gaining access to education on this subject is a not as easy as you might think, help is at hand in the shape of the free educational seminar programmes planned for the Infosecurity Europe show, which takes place at London Earl's Court Exhibition Centre between the 23rd and the 25th of April.