Microsoft beats rivals to certify under new public cloud security standard

Business Cloud News,  Monday, February 16, 2015

Microsoft has adopted a relatively new ISO standard that specifies measures to protect Personally Identifiable Information (PII) in public cloud environments. The company claims it is the first public cloud provider to do so. Microsoft, a huge advocate of regulatory reform around data privacy rights in the US, is currently embroiled in a court case that has seen the IT giant repeatedly challenge US District Court rulings compelling it to hand over email and contact information stored in its cloud platform in Ireland as part of a drug-trafficking trial. The company is currently supporting a number of recently introduced laws that seek to limit the reach of US courts over data stored in cloud services located outside the US.

Microsoft Azure: The first cloud computing platform to conform to ISO/IEC 27018, the only international set of privacy controls in the cloud

Lori Woehler, Microsoft Azure Blog,  Monday, February 16, 2015

Earlier this month, we highlighted a number of new compliance milestones for Microsoft Azure. Among these developments was that the British Standards Institution (BSI) validated that Azure incorporates controls that are aligned to the ISO/IEC 27018 code of practice for the protection of Personally Identifiable Information (PII) in public clouds acting as PII processors. ISO 27018 is the first international set of privacy controls in the cloud, and Azure is the first cloud computing platform to adopt ISO 27018.

EU mulls new rules to free up the cloud market

Phil Wainewright, Diginomica,  Thursday, February 12, 2015

So what’s new? The topline messaging is all about achieving the long-awaited ‘digital single market’ that sweeps away national barriers to delivering cloud services across Europe, especially for small businesses. This isn’t new in itself although there’s a hint of increased urgency this year to complete this project. At the same time, the Commission continues to maintain that the cloud market will only take off if clear standards are defined, on the grounds that businesses won’t buy into cloud without some certainty about what exactly is guaranteed.

The Role of Privacy Practices in Information Management

Tracy Mitrano and Jacob Cunningham, EDUCAUSE,  Tuesday, February 10, 2015

Cloud computing shifts the institutional burden from technology to contract formation. Nowhere is this shift more notable than in information management. Many privacy practices and technical security controls must be negotiated up front with the vendor. Physical technology rests on their premises while the institution's regulatory, business needs, and ethical responsibilities to maintain the information appropriately do not change.

Analyzing the Federal Government's Use of the Cloud

Joshua Bleiberg and Darrell M. West, Brookings,  Monday, February 09, 2015

Since 2009 the federal government started the process of replacing local computers with cloud platforms. A recent report from the Congressional Research Service (CRS) provides an interesting view into the progress of these investments. It reveals the benefits that public agencies gain when using cloud services and the barriers they face when making the transition.

QuinStreet Survey: UI Top Factor in Successful Enterprise App

Chris Preimesberger, eWeek,  Monday, February 09, 2015

Ease of use is the most important factor for 83 percent of enterprise app users, while 75 percent rank easy implementation as their top usage criterion. On the app deployment front, IT managers are at an important crossroads when it comes to making decisions on key internal and customer- and partner-facing applications. With so many newer deployment choices -- public, private, hybrid and multi-cloud systems.

Study: Federal data center modernization failing on cloud security

Rob Wright, Search Cloud Security,  Friday, February 06, 2015

The study, Heart of the Network: Data Center Defense, was conducted by MeriTalk, a government IT advocacy group based in Alexandria, Va. It surveyed 300 federal IT managers and found that 72% gave their agencies an "A" or "B" grade for their security efforts around data center modernization. Yet the majority of those IT managers said their agencies' efforts lacked key security components, particularly around cloud security.

Why Microsoft's 'buy only what you use' pricing strategy is a big deal

Heather Clancy, fortune,  Wednesday, February 04, 2015

From my standpoint, Microsoft’s flexibility when it comes to how businesses or individuals want to pay for software could be very important. Over the past year, it has completely overhauled its volume licensing policies. I won’t bore you with all the details, but the biggest change is this: instead of charging companies for software on a per-device basis, it will price subscriptions and licenses based on who actually uses them. It will also emulate Apple’s strategy of free operating system updates with the Windows 10 release.

FTC’s Rich Lays a Roadmap for Responsible Data Practices

Omer Tene, IAPP,  Tuesday, February 03, 2015

If you haven’t already read the speech that Federal Trade Commission (FTC) Bureau of Consumer Protection (BCP) Director Jessica Rich gave last week at an advertising industry meeting, take the time to do it now. Direct, sharp and concise, it maps out the state of play at the intersection of technology, law and policy, and charts a path for businesses that wish to avoid legal trouble not only with the powerful federal regulator but also with state attorneys general, class-action plaintiffs and European privacy authorities.

No, Canada! You can't keep cloud storage local

David Linthicum, InfoWorld,  Tuesday, February 03, 2015

The reality is if you move to a multinational cloud provider, such as Amazon Web Services, Google, or Microsoft, the ability to secure the data depends on the processes and technology. If you think it's sufficient to leave data on servers where you happen to know the physical address, you’re fooling yourself. However, IT organizations tend to think in primitive ways when it comes to data security. If it’s local, it’s safe; if it’s remote, it’s not secured. But in recent years, local server safety has proven to be only a myth. Go ask Sony Pictures, Home Depot, and Target.