ED 47: January-February 2013

More documents

Recommendations

Info

46 ma r k E t in t E l l i gE n C E Cloud Computing SeCurity and ServiCe level guidelineS The second of a two-part series that details the standards in place for technological innovations, specifically cloud computing the Singapore Information Technology Standards Committee (ITSC) Cloud Computing Standards Coordinating Task Force released a set of security and service level guidelines for public cloud computing recently. A key motivation behind this initiative is to address the security concerns raised by small and medium-sized enterprises (SMEs) in adopting cloud computing. Cloud computing lowers the entry barrier to costly IT resources and applications that are traditionally beyond the reach of SMEs. For instance, cloud computing enables SMEs to avoid up-front capital investments in IT infrastructure that is often associated with enterprise-wide IT solutions (e.g. customer relationship management systems and enterprise storage solutions). However, a recent study by IDC shows that large local enterprises remain ahead of SMEs in cloud computing adoption, suggesting that SMEs may not be fully leveraging cloud computing to narrow the competitive gap with large enterprises. An oft-noted concern for this seeming sluggishness to adopt cloud computing is security. While the cloud presents real security concerns, such concerns are not totally insurmountable. However, comparing to large enterprises, SMEs often do not have readily available IT security analysts to advise on the risk of moving into cloud computing. This is where the new guidelines come in handy. The full title of the guidelines is “Security and Service Level Guidelines for the Usage of Public Cloud Computing Services” and it is published by SPRING Singapore as a Technical Reference with the code TR31: 2012. It adopts a riskbased approach by highlighting the different risk exposures in adopting cloud computing before discussing associated risk mitigation considerations and measures. For example, ‘change management’ is one of the risk exposure described in the guidelines, and ‘audit logging’ as well as ‘system patch management’ are among the associated risk mitigation considerations and measures included. Ja n | FE b 2013 En t r E p r E n E u r s’ Di g E s t
Apart from using the guidelines to assess their risk exposures, SMEs can also take reference from the risk mitigation considerations and measures in working towards mutually acceptable mitigation approaches with their cloud service providers. Hence, the guidelines provide SMEs with a means to get a grip over their security concerns. In addition to security, the guidelines also provide guidance on service level considerations. Thus, SMEs can also leverage on these to establish service level agreements with their cloud service providers. ma r k E t in t E l l i gE n C E As indicated by the title of the guidelines, only public cloud computing services are covered. Private and hybrid cloud computing services are excluded. The reason for this lies in the primary target audience of the guidelines, i.e. SMEs. Both private and hybrid cloud computing services may require substantial financial investments and most SMEs do not possess sufficient economy of scale to fully benefit from these cloud computing deployment models. The guidelines also do not cover Platform as a Service (PaaS), but only addresses Infrastructure as a Service (IaaS) and Software as a Service (SaaS). Although PaaS is slowly gaining traction in Singapore, interest among SMEs is still nascent in relation to IaaS and SaaS. Notwithstanding the existing exclusions, the scope of the guidelines may be widened if there is sufficient demand. In fact, as SMEs use and reference the guidelines, they are encouraged to provide feedback in further refining it. Ultimately, the guidelines are developed with the intention to help SMEs take advantage of the opportunities presented by cloud computing. Such feedback from SMEs will thus facilitate the realisation of this intention. Dr calvin chan Senior lecturer, School of Business, SiM university Member, Singapore it Standards committee - cloud computing Standards coordinating task Force Ja n | FE b 2013 En t r E p r E n E u r s’ Di g E s t 47
Page 1: EntrEprEnEurs’ DigEst Ja n | Fe b
Page 5 and 6: A great mediator, wise and intellig
Page 7 and 8: Businesses in Singapore face a web
Page 9 and 10: Christmas, a traditional and festiv
Page 11 and 12: EDC Co r n E r FirSt ever Singapore
Page 13 and 14: Ca l E n D a r oF Ev E n t s tr a D
Page 15 and 16: Branding at its Best Like the moves
Page 17 and 18: On 6 November 2012, all 49 brands w
Page 20 and 21: 18 Co m m E n ta r y expanSion over
Page 22 and 23: 20 Co m m E n ta r y Logistics as a
Page 24 and 25: 22 Co m m E n ta r y Securing Produ
Page 26 and 27: 24 Co m m E n ta r y transcenDing B
Page 28 and 29: 26 Co m m E n ta r y Over the Horiz
Page 30 and 31: 28 Co v E r st o r y Of Bricks, MOr
Page 32 and 33: 30 mo n E ysm a r t Will 2013 Be A
Page 34 and 35: 32 pr o p E r t y If you are seekin
Page 36 and 37: 34 ma r k E t in t E l l i gE n C E
Page 52: 50 ma r k E t in t E l l i gE n C E
Page 55 and 56: The Business of susTainaBle Develop
Page 60: 58 ma r k E t in t E l l i gE n C E
Page 63 and 64: FestiVaLs & sPeCiaL oCCasions oF ne
Page 65 and 66: ga s t r o n o m i a Served on a Ho
Page 67 and 68: Cl a s s i F i E D s oki Data (S) p
Page 69 and 70: Bridging Cultural differenCes How c

ED 47: January-February 2013

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?