In a recent article for CIO entitled, Ignore Cloud Security Assessment at Your Own Risk, John Moore asks who should be on the hook for assessing and validating cloud security, and how the sometimes-complicated world of cloud computing makes that question tricky to answer.
From the article:
“SaaS apps cover a lot of ground these days, including business-critical functions from email to ERP, yet many cloud customers appear to simply accept whatever a SaaS provider says about its level of security.
Last year, the SANS Institute, an IT security training organization, reported that only 22 percent of the organizations it surveyed rely on extensive testing and validation before putting a outsourced or cloud-based application into production.”
You don’t have to look far to find additional resources that highlight organizations, conferences, and reports dedicated to the topic of cloud security. The topic is everywhere for a reason—security and compliance in the cloud matters. And at Skytap, we believe in making our security and compliance measures transparent to our existing customers, and to those considering Skytap Cloud.
We deliver a secure, scalable cloud-computing platform for customers who develop, test, train, and demo applications across a wide variety of systems and architectures. To provide end-to-end security and privacy, Skytap builds and operates services in accordance with known security best practices, provides security features in those services, and provides comprehensive documentation. Skytap customers use these features and best practices to architect a secure environment for their applications.
“One of the biggest—if not the biggest—barriers to cloud adoption is security. However, security itself isn’t the only blocker. It’s also the customer’s comfort level moving to the cloud. So it boils down to the customer trusting their applications, their data, and in many cases, their own customers with the cloud vendor that they choose. Many of our customers use Skytap Cloud as a supplement to their IT department. Knowing this, the more transparency we can provide into our architecture, the better.” – Mike Neil, Director of Technical Field Operations at Skytap.
To read our full Security and Compliance policy—and to learn more about how Skytap uses independent auditors to validate those measures—please visit our Security and Compliance page.
This section of our site addresses the following in depth:
- Physical security
- Application security
- Operational security
- Penetration and vulnerability testing
- Standards and validations
If you’d like to speak to a cloud computing expert about security and compliance in Skytap Cloud, please feel free to get in touch.