Your SlideShare is downloading. ×

CLT Legal Cloud Conference

555
views

Published on

Cloud for lawyers!

Cloud for lawyers!

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
555
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • The Secrets of Successful Cloud Adoption: what they don’t tell you

    Cloud has a seemingly unstoppable momentum behind it- but is it clear at the outset what the benefits of Cloud are beyond the shift from cap-ex to op-ex? What exactly are these benefits and how do we access them to adopt Cloud successfully?
  • To Microsoft Exchange
  • Security
  • Continutity
  • Archive
  • Bringing all the benefits of Google apps- horizontal scalability, reliability, etc
  • To Microsoft Exchange
  • What systems are your peers moving to the Cloud?- Present research from the Mimecast Cloud Survey
  • Look back to see how we viewed previous paradigm shifts
  • Mainframe – pc – ultimate benefits not forseen

  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • 2010 Gartner Hype Cycle for emerging technologies
  • 2010 Gartner Hype Cycle for emerging technologies
  • What’s the problem?
  • How did I get here to be presenting in front of you about building the case for cloud?
  • Not by first great western
  • Or my brompton
  • It was many years crawling under desks
  • And fixing issues running a medium sized value added reseller. A VAR
  • To my understanding of the cloud and the benefits it brings
  • At the beginning of my journey I’m almost ashamed to say my attraction to Cloud was
  • About money. The shift from
  • Capital Expenditure, where the buyer took all the risk as to whether the software would work and fund the purchase, to
  • Operational Expenditure, where you paid for what you used, and if it didn’t work you stopped paying- or sometimes didn’t even pay at all.

    But that only the first and probably the least important benefit of cloud- the real benefits are hidden
  • About money. The shift from
  • At a time of reinvention- it is really important to ask what IT is for?
  • What do we do for the business?

    Or more specifically- what is the production function of IT???



    http://blogs.gartner.com/mark_mcdonald/2010/06/27/what-is-the-production-function-of-it/

    What is the Production Function of IT?
    by Mark McDonald  |  June 27, 2010  |  1 Comment
    Understanding IT’s role in the enterprise is complex and incomplete.  IT is the subject of great debate as some see it as the source of competitive advantage and others see it as an enabling function.  CIOs and IT professionals themselves have a tough time answering the question about IT’s role.
    Why?  because I believe we are asking the question in the wrong way.
    We need to ask,
    “What is the production function of IT?”
    Production function, sounds kind of academic right, but its simply the output you get for all the combination of inputs.   Its what you take and what you make.
    Every part of your enterprise has a production function.  So, when you ask different parts of the enterprise what they take and make you get answers like:
    SALES
    TOP LINE REVENUE: We take prospects and turn them into orders
    SUPPLY CHAIN
    PROFIT: We take orders and turn them into invoices
    FINANCE
    CASH: We take invoices and turn them into cash
    IT
    ?????? Silence  ??????
    I know its silence because I have asked the question to dozens of IT leadership teams.  They look at each other and cannot put IT’s contribution in a simple answer.  It is not because IT is more complex than these other functions.  No its more that IT professionals have thought of themselves as something apart for the enterprise, something special and therefore not falling under the same rules.
    There are two production functions for IT that can be summarized in two words SPEED and SCALE.
    SPEED:  We take strategy plans and turn them into operational performance
    IT’s production function is to deliver speed of execution against the company’s strategy and plans.  Strategy execution involves change and change requires IT participation.  The faster IT is able to execute its processes, deliver results and accelerate strategy execution the better.
    IT drives speed when it concentrates on reducing its own internal cycle times for providing IT services, solution development and governance.  Concentrating internal operations on speed of execution makes IT more responsive and innovative.  IT organizations operating at speed give their business a steady stream of value that actually expands ITs role and enterprise flexibility.
    Without speed, IT is a bottleneck to strategic execution and operational performance.  It is the reason we cannot go faster.  This is the reason why change is expensive.  The reason why I have to control IT costs, because if they cannot go fast enough for me, then I had better make sure that they do not cost too much.
    SCALE:  We take operations and increase their capacity and reduce their average cost
    IT’s other production function is to create scale of operation across the enterprise.  Scale in this sense is the ability to IT to aggregate activities and deliver greater capacity at a lower average cost.  IT creates scale through its infrastructure and operations activities that make the modern enterprise possible.  IT is one of two scale functions in the enterprise.  The supply chain is the other scale function.
    IT drives scale through the infrastructure by constantly aggregating operations, virtualization and active contract management to gain the benefits of being bigger.  Without this scale, growing transaction volumes and the cost of operating disparate infrastructures would literally consume the company’s profit.
    Without scale, operations drown in a combination of complexity, duplicate cost and faltering service levels.  You see this with high growth companies that are heroes that suddenly fail – because they do not have scale.
    ***
    What is IT’s production function?  To deliver speed and scale to the enterprise.
    Speed and scale can seem as two different things, and that can be part of the reason why they are difficult for CIOs and IT leaders to articulate.  Most go “ah ha” when they think about their role in speed and scale.
    But, when you boil it down, we know why an enterprise has a sales function, a supply chain, a finance function, etc.  We had thought that IT existed to manage the technologies that these functions depend on.
    That is true in terms of the activities IT provides, but ‘to what end’
    Speed of execution and
    Scale of operation.
  • But it’s a question I didn’t ask myself seriously enough until recently- sounds academic though doesn’t it?
  • It is a bit- but hopefully it’ll help you understand what we’re here for, just like it helped me. What does production function mean?
  • It’s the combination of all the inputs
  • Which create the outputs.
  • The problem is, that in IT, they’re hidden. Hard to find.

    Let me contextualise it for you- What do Sales do?
  • They turn prospects into orders.

    What does the supply chain do?
  • They turn orders into invoices.

    What does finance do?
  • The turn invoices into cash.

    So what does IT do?
  • What do we do for the business?

    Or more specifically- what is the production function of IT???



    http://blogs.gartner.com/mark_mcdonald/2010/06/27/what-is-the-production-function-of-it/

    What is the Production Function of IT?
    by Mark McDonald  |  June 27, 2010  |  1 Comment
    Understanding IT’s role in the enterprise is complex and incomplete.  IT is the subject of great debate as some see it as the source of competitive advantage and others see it as an enabling function.  CIOs and IT professionals themselves have a tough time answering the question about IT’s role.
    Why?  because I believe we are asking the question in the wrong way.
    We need to ask,
    “What is the production function of IT?”
    Production function, sounds kind of academic right, but its simply the output you get for all the combination of inputs.   Its what you take and what you make.
    Every part of your enterprise has a production function.  So, when you ask different parts of the enterprise what they take and make you get answers like:
    SALES
    TOP LINE REVENUE: We take prospects and turn them into orders
    SUPPLY CHAIN
    PROFIT: We take orders and turn them into invoices
    FINANCE
    CASH: We take invoices and turn them into cash
    IT
    ?????? Silence  ??????
    I know its silence because I have asked the question to dozens of IT leadership teams.  They look at each other and cannot put IT’s contribution in a simple answer.  It is not because IT is more complex than these other functions.  No its more that IT professionals have thought of themselves as something apart for the enterprise, something special and therefore not falling under the same rules.
    There are two production functions for IT that can be summarized in two words SPEED and SCALE.
    SPEED:  We take strategy plans and turn them into operational performance
    IT’s production function is to deliver speed of execution against the company’s strategy and plans.  Strategy execution involves change and change requires IT participation.  The faster IT is able to execute its processes, deliver results and accelerate strategy execution the better.
    IT drives speed when it concentrates on reducing its own internal cycle times for providing IT services, solution development and governance.  Concentrating internal operations on speed of execution makes IT more responsive and innovative.  IT organizations operating at speed give their business a steady stream of value that actually expands ITs role and enterprise flexibility.
    Without speed, IT is a bottleneck to strategic execution and operational performance.  It is the reason we cannot go faster.  This is the reason why change is expensive.  The reason why I have to control IT costs, because if they cannot go fast enough for me, then I had better make sure that they do not cost too much.
    SCALE:  We take operations and increase their capacity and reduce their average cost
    IT’s other production function is to create scale of operation across the enterprise.  Scale in this sense is the ability to IT to aggregate activities and deliver greater capacity at a lower average cost.  IT creates scale through its infrastructure and operations activities that make the modern enterprise possible.  IT is one of two scale functions in the enterprise.  The supply chain is the other scale function.
    IT drives scale through the infrastructure by constantly aggregating operations, virtualization and active contract management to gain the benefits of being bigger.  Without this scale, growing transaction volumes and the cost of operating disparate infrastructures would literally consume the company’s profit.
    Without scale, operations drown in a combination of complexity, duplicate cost and faltering service levels.  You see this with high growth companies that are heroes that suddenly fail – because they do not have scale.
    ***
    What is IT’s production function?  To deliver speed and scale to the enterprise.
    Speed and scale can seem as two different things, and that can be part of the reason why they are difficult for CIOs and IT leaders to articulate.  Most go “ah ha” when they think about their role in speed and scale.
    But, when you boil it down, we know why an enterprise has a sales function, a supply chain, a finance function, etc.  We had thought that IT existed to manage the technologies that these functions depend on.
    That is true in terms of the activities IT provides, but ‘to what end’
    Speed of execution and
    Scale of operation.
  • IT’s production value number 1 is Speed.
  • Turning organisational strategy into execution
  • As Fast as possible- to deliver results to the business
  • And to do that IT has to be as responsive as possible
  • Because without speed IT is a bottleneck to operational performance.
  • Take operations
  • increase their capacity and reduce their average cost to again deliver operational performance.

  • IT should equal agility. Yet when we’re purchasing systems, rarely does agility factor heavily enough.
  • Traditional IT department In the past, the only way for a company to maintain control of their business process was to completely own the technology supporting the process.  The rationale was that a company's most strategic, differentiating processes are unique and therefore have to built by the company either from scratch or by heavily customizing packaged applications.  This also meant owning the entire technology stack supporting the process and the application.  So, while the intent was to create differentiated processes that were agile and differentiating, the reality has become that the technology stack is an albatross around the IT team's neck that prevents them from moving as quickly and as efficiently as they would like to.

    The result is that while IT organizations are keen to support the business, they are unable to go much beyond providing basic services.  The solution to the problem of managing the entire stack was traditionally either hosted/managed server services or outsourcing, but each introduces its own problems.



    http://blog.appirio.com/2009/05/do-your-most-strategic-apps-belong-in.html
  • Outsourcing In the case of outsourcing, the enterprise gains cost savings but relinquishes control of their business process and has to adhere to the provider's "best-practice" process.  This clearly means that outsourcing can only be applied to commodity processes rather than any differentiating processes or processes where innovation is needed.  The IT team's role shifts to primarily vendor management with little ability to innovate or drive the business.
  • Hosted/Managed Servers Hosting gets a bit closer to solving the problem because it reduces some of the IT team's pain in terms of managing infrastructure.  However, the IT team still needs to spend a lot of their time maintaining the application and the middleware stack, i.e., applying patches and bug fixes, implementing upgrades, maintaining integrations, etc.  In addition, the team also needs to manage their relationship with the hosting vendor.  So, again, the main impact is some cost savings but no real gains in terms of agility or ability to innovate or support the business.
  • IT department in the cloud Cloud computing changes the decision process completely.  No longer do companies face a choice between relinquishing all control of their business process for cost savings or dealing with the high costs and complexity of supporting an entire software stack. Platforms like Force.com and Google App Engine give companies a way to control the parts of the stack that matter most, the application and business process layer and abstract away the management of the infrastructure.  This means that the IT team can focus their energies on driving innovation and supporting the business.
  • #1 Not having to worry about scaling- the provider does
  • Less meetings
  • . #3 The provider is constantly updating its software,
  • No more upgrades or migrations
  • which means you get Richer functionality- for very little effort
  • #4 Creating Loosely coupled systems enables greater integration for less cost and dependency
  • . #2 By separating configuration and code, it enables IT to rapidly reconfigure operations
  • Less dependencies
  • Means you can Reconfigure faster
  • Aligns cost to value- Which means time to value is much quicker
  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • From the Mimecast Cloud Adoption Survey http://www.mimecast.com/events-press/press-releases/article/view/cloud-computing-delivering-on-its-promise-but-doubts-still-hold-back-adoption/462/
  • Why are some People are unsure about Cloud Security
  • Security is often presented as a binary object. It’s not.
  • It’s much more complex than that.
  • Technical details are abstracted
  • Probably because of the relative opacity of Cloud compared to the transparency of a private network and the control you can exert on it
  • Are it’s Achilles heel
  • Without revealing to much intellectual property- the main differentiator in Cloud
  • Standards are only just emerging
  • Buyer Beware- http://en.wikipedia.org/wiki/Caveat_emptor

    Under the doctrine of caveat emptor, the buyer could not recover from the seller for defects on the property that rendered the property unfit for ordinary purposes. The only exception was if the seller actively concealed latent defects or otherwise made material misrepresentations amounting to fraud.
    Before statutory law, the buyer had no warranty of the quality of goods. In many jurisdictions now, the law requires that goods must be of "merchantable quality". However, this implied warranty can be difficult to enforce and may not apply to all products. Hence, buyers are still advised to be cautious.
  • Which is why we in cloud feel like we’re being beaten up...
  • Independent Audit?
  • There are no standards...

    There is not a best practice independent security methodology for cloud.

    Clouds are opaque. Technical complexity is abstracted. Proper audit / DD requires transparency. But transparency would reveal IP.
  • Independent 3rd party is so important to validate claims in depth

    SAS 70, CESG etc
  • Spot the missing one?
  • ISO 27001- ISO 27001 doesn’t fit the cloud- 5 year old standard currently- to be reviewed in 2012- CSA helping update controls for the Cloud
  • ·          Should you adopt ISO 20071? What sort of protection will it grant you?
     
    Yes. Because it’s a framework for managing security. A process. Set of Documentation. Set of controls.
     
    Working out how much acceptable risk
     
    What risk are you exposed to
     
    Which are greater than the accpectable risck
     
    What controls do you need to manage- taken from annex A
     
    Deploy the controls in an auditable way- constantly approve
     
    Compliance- testing
     
    Governance
     
    Risk
     
    Complaince- testing to make sure your controls
     
    It Scales
  • Control and governance; what should be the basis of your Cloud Data Best Practice Policy- ENISA
  • ·          Investigating availability guarantees and penalties and examining your supplier’s disaster recovery strategy
     
    Important- they do what they say the do
     
    The bar to what you set that at needs to be relevant to what you have already- BASELINE!!! Realistic expectation
     
    Based on the data you’re going to outsource
     
    Look at historical performance- not a predictor for the future- but relevant
     
    Look at their DR strategy- if you have 2 data centres- that should be the expectation
     
    Map your requirements to the provider

  • ·          Data compliance; the importance of clarifying where your data will be stored and who will have access to your information
     
    Jurisdiction
     
    EU/ Patriot / RIPA / Safe Harbour
  • ·          Ultimately, who has control over your data?
     
    When you save your data- need to understand
     
    Look at service providers to the same extent
     
    MBTF- encryption look at service providers
     
    Cloud should be architected differently
     
    People shouldn’t be fooled by “cloud” technology
     
    See behind the fog
     
    Often it’s really hard because of the opaqueness
     
     
     
    Integretity of Data Critical
     
    End to end vs middleware
     
    Designed to hook together
     
     
    Managing service provider obligations
     
    Asses the risk- make sure the risk you’re willing to accept is related in the SLA
     
    Review- annually?
     
    Any deviation look for recompense or additional controls
     
    Blunt instrument
     
    Make sure compliance and information governance are involved early on in the process of negotiating SLA- lawyers don’t know about GRC
  • The key is to understand your current risks- baseline them
  • i.e. Where are we today?
  • Users
    Applications
    File shares
    Email
    Document management
  • Sysadmins
    User based access
    Server access
    Database access
  • Others:
    Internet
    VPN
    Extranet
    Customer/Partner portals
    API’s
    Suppliers
    Telco’s
    Tape warehousing
    Backup delivery personnel
  • Ends up in a Permissions Nightmare- or a brittle infrastructure
  • How are we managing those risks today?
  • Are you given the budget / skills to do it?
  • “Quis custodiet ipsos custodes?”

    Who will guard the guards themselves?
    Decimus Iunius Iuvenalis
  • Cloud can be a way to become a guard’s guard, instead of the guard
  • Reasons to go Cloud Security
  • Reason to go Cloud security #1 It’s their business- and their reputation depends on it
  • #2 Money - they are held financially responsible
  • Reason #3 Scale- Cloud platforms have scale that customers could never achieve on their own- protecting against large scale attacks
  • Reason #4 Specialised Skills- employ specific people to do specialised job. Cumulative effect of multiple customers
  • Cumulative effect of multiple customers
  • Best Practice embedded in organisation and distributed. Not dependent on one person
  • Not just about competence and budget- but focus. It’s all they do.
  • Cloud can be a way to become a guard’s guard, instead of the guard
  • Buyer Beware- http://en.wikipedia.org/wiki/Caveat_emptor

    Under the doctrine of caveat emptor, the buyer could not recover from the seller for defects on the property that rendered the property unfit for ordinary purposes. The only exception was if the seller actively concealed latent defects or otherwise made material misrepresentations amounting to fraud.
    Before statutory law, the buyer had no warranty of the quality of goods. In many jurisdictions now, the law requires that goods must be of "merchantable quality". However, this implied warranty can be difficult to enforce and may not apply to all products. Hence, buyers are still advised to be cautious.
  • But make it proportional to risk- especially to CURRENT RISKS
  • Transcript

    • 1. 416style Cloud? Justin Pirie @justinpirie blog.mimecast.com jpirie@mimecast.com CLT Law London February 15th 2010
    • 2. Analyst Blogger
    • 3. Community Manager
    • 4. Social Media Influence
    • 5. Where I work
    • 6. Cloud Services for Microsoft Exchange tipiro
    • 7. Cloud Wrapper
    • 8. For Microsoft Exchange
    • 9. matthewbradley Email Security
    • 10. neilalderney123 Email Continuity
    • 11. dolescum Email Archive
    • 12. How the problem used to be solved...
    • 13. Benefits of Google Apps
    • 14. For Microsoft Exchange
    • 15. What do users get? minifig
    • 16. mescon Unlimited Storage
    • 17. Ronan_C Fast Search
    • 18. Uptime szeke
    • 19. Over 600,000 users can’t be wrong!
    • 20. 416style Cloud?
    • 21. What they don’t tell you... nccarf_au
    • 22. Which Cloud? tipiro
    • 23. William Vambenepe SPI stack
    • 24. IaaS- Infrastructure as a Service
    • 25. IaaS ROI is about Utility Premium
    • 26. PaaS- Platform as a Service
    • 27. Paas = Place to execute code
    • 28. SaaS- Software as a Service
    • 29. SaaS = Software
    • 30. Look back
    • 31. Carrick Mainframe era
    • 32. Mess of Pottage PC Era
    • 33. Store and search text! ThisIsIt2
    • 34. Guess who?
    • 35. Yes, them
    • 36. Cloud Paradigm Shift tipiro
    • 37. Current Cloud Landscape zoutedrop
    • 38. bionicteaching Lets have some data
    • 39. russelldavies To Understand
    • 40. 2009 = 36% US Cloud Adoption
    • 41. 2010 = 56% US Cloud Adoption
    • 42. 70% US Businesses Considering Adopting
    • 43. 6% UK lags behind US attitudes
    • 44. 2010 Hype Cycle
    • 45. 2010 Hype Cycle
    • 46. What are the secrets? aturkus
    • 47. Paul Wicks How did I get here?
    • 48. Not the train Andrew®
    • 49. Or my Brompton Ben Cooper
    • 50. nep It was...
    • 51. ParaScubaSailor and...
    • 52. To understanding Cloud Wen Nag (aliasgrace)
    • 53. LIVING_BY_THE_MOMENT At the beginning...
    • 54. It was about money... wwarby
    • 55. Ian Muttoo From CapEx
    • 56. To OpEx
    • 57. It’s not about money... wwarby
    • 58. What is IT for? le niners
    • 59. What do we do? Daniel Mohr
    • 60. Production Function of IT? bewarenerd
    • 61. Sound Academic? a_sorense
    • 62. Combination of Inputs
    • 63. edwin.11 To produce Outputs
    • 64. IT’s are hard to find ilovememphis
    • 65. labanex.com Sales: Prospects into Orders
    • 66. jamesjyu Supply Chain: Orders into Invoices
    • 67. Finance: Invoices into Cash alancleaver_2000
    • 68. What does IT do? Daniel Mohr
    • 69. IT Production Value #1 = Speed TexasEagle
    • 70. Jeffrey Barke Strategy into execution
    • 71. Fast as Possible Warren D
    • 72. IT needs to be Responsive Chris Devers
    • 73. Domingos Soares Neto Not a bottleneck
    • 74. IT Production Value #2 = Scale ....Tim
    • 75. Take Operations Detroit Public Library
    • 76. Increase Capacity, Reduce Cost ABB
    • 77. IT Should Equal Agility Picture Taker 2
    • 78. Traditional IT Dept. @appirio
    • 79. Idea = Agile Picture Taker 2
    • 80. Reality for IT = Quicksand sasamaster
    • 81. xetark What users got...
    • 82. Business feeling about IT
    • 83. Outsourced IT Dept. @appirio
    • 84. Cheaper Labour... stev.ie
    • 85. Contracts, Change Requests Kevin H.
    • 86. Business feeling about IT
    • 87. IT using Managed services @appirio
    • 88. CarbonNYC In Control?
    • 89. Getting on better... Arno & Louise
    • 90. Cloud Utopia @appirio
    • 91. Reality Picture Taker 2
    • 92. Align IT and business technicallyCreative
    • 93. How can Cloud Help? tipiro
    • 94. Don’t worry about Scale Dru!
    • 95. Less Meetings thinkpanama
    • 96. Less Technical Detail Rev. Xanatos Satanicos Bombasticos (ClintJCL)
    • 97. Continuous Updates The Doctr
    • 98. No More Upgrades or Migrations Bert Kommerij
    • 99. More functionality- same cost Seven Morris
    • 100. Loosely Coupled Systems ElenahNeshcuet
    • 101. Separated Config and Code sadashotit
    • 102. Fewer Dependencies Dave ®
    • 103. Phillie Casablanca Reconfigure Faster
    • 104. Faster Gratification lisatozzi
    • 105. Grand Canyon between adopters James Marvin Phelps (mandj98)
    • 106. 57% Adopters: Cloud Improved Security
    • 107. 62% Non Adopters: Cloud = Security Risk
    • 108. Unsure about Cloud Security? jessicafm
    • 109. Security Presented as Binary MarkOMeara
    • 110. Reality... cdw9
    • 111. Cloud = Outsourcing stev.ie
    • 112. BUT with Technical Detail Abstracted Rev. Xanatos Satanicos Bombasticos (ClintJCL)
    • 113. Which makes Clouds Opaque Andrew Coulter Enright
    • 114. The reason Cloud is powerful dok1
    • 115. Is also it’s Achilles Heel Moff
    • 116. Need for Transparency salmannas
    • 117. While Protecting Vendor IP... schoschie
    • 118. viralbus AND Cloud is embryonic
    • 119. Standards just emerging mayakamina
    • 120. jeffc5000 So.... Caveat Emptor
    • 121. And why it sometimes feels like this... gxdoyle
    • 122. Independent Audit? ScottMJones
    • 123. No Standards!!! Leo Reynolds
    • 124. Independent 3rd Parties: SAS70, CESG wallyg
    • 125. Missing Piece? Mykl Roventine
    • 126. ISO 27001... Leo Reynolds
    • 127. massdistraction Should you adopt ISO 27001?
    • 128. Best Practice Policy: ENISA TheTruthAbout
    • 129. Investigate Availability Guarantees Yukon White Light
    • 130. IXQUICK Data Jurisdiction: clarify
    • 131. Who has control of your data? Duminda Jayasena
    • 132. Baseline Current Risks Chuck “Caveman” Coker
    • 133. i.e. Where are we today? Chris D 2006
    • 134. Trusting Users.... Thai Jasmine (Take good care :-))
    • 135. And Sysadmins.... leftcase
    • 136. Others... Tambako the Jaguar
    • 137. Permissions Nightmare marimoon
    • 138. Managing those risks? Patrick Q
    • 139. jo'nas Is expensive
    • 140. Got the budget? The Prime Minister's Office
    • 141. “Quis custodiet ipsos custodes?”
    • 142. Cloud: Guards Guard
    • 143. Cloud Security? matt.hintsa
    • 144. #1. It’s their Business Esthr
    • 145. #2. Financially Responsible wwarby
    • 146. #3. Scale laffy4k
    • 147. #4. Specialised Skills SarahMcD ॐ
    • 148. Leo Reynolds #5. Cumulative Effect of Multiple Customers
    • 149. Lars Plougmann #6. Best Practice: Embedded, Distributed
    • 150. #7. Focus Chris Campbell
    • 151. Want to be the Guards Guard?
    • 152. jeffc5000 Remember: Caveat Emptor
    • 153. But proportional to Risk gxdoyle
    • 154. nathansnostalgia Contracts: Birth
    • 155. Contracts: Marriage
    • 156. Contracts: Divorce DrJohnBullas
    • 157. 416style Questions? CLT Law London February 15th 2010 Justin Pirie @justinpirie blog.mimecast.com jpirie@mimecast.com