I suspect that many will simply adopt the FedRAMP certification controls which are based upon NIST SP 800-53, to certify cloud offerings.
Many organizations don't do enough risk assessment in general. *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* **Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…*** On Tue, Jun 4, 2013 at 9:46 AM, Ziots, Edward <[email protected]> wrote: > Data Classification and controls in the cloud have a bigger role, > especially from Risk and Compliance. A lot of business are still not > looking at the risks around cloud and where their business data is residing > which will get them in hot water with regulations sooner than laters. **** > > ** ** > > Z**** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected]**** > > Work:401-255-2497**** > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Andrew S. Baker > *Sent:* Tuesday, June 04, 2013 9:34 AM > *To:* ntsysadm > *Subject:* Re: [NTSysADM] RE: Microsoft's 'Blue' servers**** > > ** ** > > Also, NDAs tend to have a role...**** > > > **** > > **** > > **** > > *ASB > * > *http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* > **Providing Virtual CIO Services (IT Operations & Information Security) > for the SMB market…***** > > ** ** > > ** ** > > On Tue, Jun 4, 2013 at 9:30 AM, Robert Cato <[email protected]> wrote: > **** > > **** > > How does that rule go? If you don't have anything good to say.....**** > > ** ** > > On Mon, Jun 3, 2013 at 10:48 PM, Michael B. Smith <[email protected]> > wrote:**** > > Nothing I can say.**** > > **** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Ryan Finnesey > *Sent:* Monday, June 3, 2013 10:20 PM > *To:* [email protected] > *Subject:* [NTSysADM] RE: Microsoft's 'Blue' servers**** > > **** > > What are your thoughts? **** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Michael B. Smith > *Sent:* Monday, June 3, 2013 12:47 PM > *To:* [email protected] > *Subject:* [NTSysADM] Microsoft's 'Blue' servers**** > > **** > > Microsoft's 'Blue' servers: What's coming when | ZDNet:**** > > http://www.zdnet.com/microsofts-blue-servers-whats-coming-when-7000016224/ > **** > > **** > > **** > > ** ** > > ** ** >
<<image001.jpg>>
