SlideShare a Scribd company logo

The non market issue of cloud computing hp - cloud security alliance

Sumaya Shakir
Sumaya Shakir
Business
1 of 5
Download to read offline
Sumaya Shakir Sumaya.shakir@gmail.com September 2012 Cloud Computing Security Risks Background and key information: It finally seems like the Feds are catching up with the Cloud era boom. The US government has released its stand on the data security on cloud technologies at the Security in Government 2012 conference. Important concerns regarding the jurisdictional issues of data storage were raised. The Federal Financial Institutions Examination Council(FFIEC) issued a press release with cloud computing risks and issued guidelines in its FFIEC IT Examination Handbook. The department will be coming up with new cloud guidelines. Separately in Europe, the European Network and Information Security Agency (ENISA) and the Cloud Security Alliance (CSA) have come up with their own assessment of how to addresses cloud risk guidelines. The European commission and European data protection council has issued statements indicating firms offering cloud solutions should offer legal clarity and clear privacy policies. The UK Government Digital Service is formulating its policies to maximize on the potential benefits to the UK economy. The CSA is also working on standards for cloud interface. HP has partnered with VMware in providing cloud platform solutions. The partnership aims at providing infrastructure with strong security and converged cloud solutions to the PCI industry. The companies are selling their solutions that goes beyond addressing the security guidelines put forth by various councils; it will be interesting to see how HP- VMware partnership will fair against various commission guidelines. In another initiative HP has partnered with Microsoft for cloud integration. HP has signed new contracts with various government organizations to provide both hardware and software solutions. HP has made new investments in cloud computing in China. Following its China five-year growth plan, HP opened a brand new center called HP Cloud Executive Briefing Center in Tianjin and expanded its R & D in China. In addition, HP has started other big investments in China. With so many countries and their respective Governments on the bandwagon trying to form their own policies and drawing the blueprint of how the cloud infrastructure should look like, the result will be a set of conflicting laws and regulations between borders and countries. To add to the complexity, some governments are leery of working with China. And China’s stand on how these services will impact its own industry and Government is a question that is yet to be raised. While HP is ahead of the game, it may be missing some key mandates from the Cloud Security Alliance and the various Government policies that could prove as a costly mistake. Moreover setting up a cloud hub in China could be security threat to businesses and organization in the US including the US government especially in the wake of latest allegations in regards to spying from two big Chinese firms ZTE Corp. and Huawei Technologies. Given the sensitive nature of government and payment data, this can soon become an unmanageable nightmare and lead to unimaginable vulnerabilities for the United States or for the western European nations. The issue is in 1
the late formation phase and early interest group formation. The issues are skirting around the cloud circles and in the various CSA congress presentations and has yet to be identified as a full blown threat. The story has been picked up by a few freelance technology journalists. For example, the author for http://www.businesscloud9.com/content/policy-blueprint-cloud-computing-market/11476 has provided enough validation to show the issues surrounding a global cloud dilemma. The main interest groups for this issue will be the consumers and enterprises across the globe that will use the cloud services technology irrespective of geographical boundaries. There is no doubt that the Governments across the globe have to take an active role in formulating the compliance and security protocols and HP being a key leader of cloud services will be impacted by this and needs to be more involved with the formation of any cloud law legislation that will give it a competitive advantage in the non market arena. Cloud Computing Security Risks Issue Summary: Issue  Security vulnerabilities in Cloud Computing Interest  Cloud Security Alliance Groups  Consumer and Enterprise Business using Cloud Services  Banks, Payments Card Industry(PCI)  Government Organizations like US Military Institutions  UK Government Digital Service,  Federal Financial Institutions Examination Council ( FFIEC),  European Network and Information Security Agency (ENISA) Information  Jurisdictional issues of data storage  Cloud Computing conflicting laws and regulations between borders and countries needs to be resolved  Safety of hosting cloud services from China Issue Life  Late issue identification, early interest group Cycle formation Media  Currently the story is published by a few Attention technology magazines. Main stream media is yet to pick up the story but eventually in the next few months, this issue will be a hot topic. HP’s Business Strategic Political Actions for Security Risks Lobbying 2
HP, Microsoft and other internet companies who are offering services on the Cloud have been lobbying for safer cloud computing laws since 2010. Microsoft general counsel Brad Smith insisted on electronic privacy laws being updated during a Senate Judiciary Committee in Washington in 2010. Since then, there have been continued lobbying efforts for cloud security. HP as part of the Cloud Security Alliance group has been lobbying against the Cybersecurity Act of 2012 and has been successful in protecting the cloud initiatives. The above graph shows HP’s spending on lobbying for various causes including trade legislations, cloud security, data security and privacy regulations, patent approvals, free trade, broadband subsidies and defense funding. HP is one of the biggest spenders on lobbying efforts. It hires lobbying firms like Palmetto Group, Mehlman Vogel Castagnetti Inc, Sternhell Group, Innovative Federal Strategies and Akin, Gump et al . HP has spent $3,750,000 so far in 2012 on various lobbying. There are a number of individual cloud computing legislations that HP along with Microsoft, Google, Facebook and other companies have been lobbying like the policy issues in cloud computing, Electronic Communications Privacy Act (ECPA) and the number of other policies regarding,  Cloud Physical Location and Access Issues Jurisdictional issues affecting the Cloud. Example: “safe harbor law - a European law enacted in reaction to the U.S. Patriot Act. Another example is the Trade Agreements Act of 1979 (TAA) prohibits government contractors from using cloud serveices that are set up in countries that don’t have trade agreements with United States.  Privacy, Security and the Cloud Concerns around data stored in the Cloud is less protected than other in other contexts. fundamental concern about the security of essential business and government information and processes maintained in the Cloud.  Law Enforcement and the Cloud Concerns with privacy issues in law enforcement context and legal protections against unreasonable search and seizure of data stored in a Cloud context. Example: Congress is currently reviewing a proposed update to the Electronic Communications Privacy Act 3
 Intellectual Property (IP) and the Cloud Concerns regarding valuable intellectual property, trade secrets or copyrighted material in a Cloud environment. Example: The Digital Millennium Copyright Act provides a safe harbor to cloud service providers from infringement liability for copyright violations if they adhere to guidelines and immediately block access or remove copyrighted materials from their website upon notification.  Global Competition and the Cloud: U.S. companies can compete for a share of global cloud market but U.S. put them at a competitive disadvantage. Example: U.S. Patriot Act Sen. Amy Klobuchar has introduced a new bill called the “Cloud Computing Act of 2012” (S.3569), that is supposed to “ improve the enforcement of criminal and civil law with respect to cloud computing.” The proposed bill’s main purpose is to give “cloud computing services” protections under the CFAA. HP as part of the CSA alliance is lobbying for this bill. Eric Goldman, Internet Law professor from Santa Clara University has written an article on forbes.com regarding the Cloud Computing Act . The article can be found at http://www.forbes.com/sites/ericgoldman/2012/10/02/the-proposed-cloud-computing- act-of-2012-and-how-internet-regulation-can-go-awry/ Forming Coalitions HP is part of the Cloud Security Alliance group to promote the use of best practices for providing security assurance within Cloud Computing. All the top companies like Google, MicroSoft and even US Department of Defense are members of this alliance group. The Alliance aims to provide education on the uses of Cloud Computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. 4
HP along with the CSA has developed a number of useful and valuable resources like the secure best practices for cloud computing, tools for managing governance, risk and compliance, cloud user certification and cloud security knowledge certification, registry of cloud services amongst other cloud security standards. Public Advocacy & Awareness Raising For the last 8 years, every year HP has used events like HP Protect to raise awareness and increase visibility on security infrastructure, potential security risks and breaches, security landscape, cloud security information, security and compliance standards by hosting a two day event where it invites experts, architects, and gurus under one roof. It then makes public all the lectures, information shared during the summit to the general population. HP along with CSA has provided a number of toolkits, handbooks, standards, guides to educate various businesses and public interested in cloud security. HP provides this information on its website and also on CSA website. HP also attends other security conferences like the RSA and shares its knowledge/research with the community. It has also set up community forums, knowledge base, FAQs, social media and blogs to reach out the general public on its efforts on Cloud Computing Security. Summary HP’s Political Strategy for addressing Cloud Security Issues Lobbying  Cloud Physical Location and Access Issues  Privacy, Security and the Cloud  Law Enforcement and the Cloud Electronic Communications Privacy Act  Intellectual Property (IP) and the Cloud The Digital Millennium Copyright Act  Global Competition and the Cloud: U.S. Patriot Act  Cloud Computing Act of 2012 Coalition  Cloud Security Alliance Public Advocacy  Protect 2012 & Raising  RSA Awareness  HP website – community groups, forums, blogs, social media Conclusion HP is taking cloud computing seriously and is using every avenue to be as close as possible to meeting the mandates of the Cloud Security Alliance and the various Government policies in order to avoid any costly mistakes. It is staying close by lobbying to the various legislations related to cloud computing. 5

Recommended

Cybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateCybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateWilmerHale
 
Judicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingJudicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingInternational Journal of Science and Research (IJSR)
 
Deloitte the case for disruptive technology in the legal profession 2017
Deloitte the case for disruptive technology in the legal profession 2017 Deloitte the case for disruptive technology in the legal profession 2017
Deloitte the case for disruptive technology in the legal profession 2017 Ian Beckett
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsThe Economist Media Businesses
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 
Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Anthony Rapa
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2Paul Richards
 

Recommended

Cybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateCybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateWilmerHale
 
Judicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingJudicial Frameworks and Privacy Issues of Cloud Computing
Judicial Frameworks and Privacy Issues of Cloud ComputingInternational Journal of Science and Research (IJSR)
 
Deloitte the case for disruptive technology in the legal profession 2017
Deloitte the case for disruptive technology in the legal profession 2017 Deloitte the case for disruptive technology in the legal profession 2017
Deloitte the case for disruptive technology in the legal profession 2017 Ian Beckett
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsThe Economist Media Businesses
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 
Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Anthony Rapa
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2Paul Richards
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Dryden Geary
 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...John Nas
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018Chelsea Dickson
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018Aftab Jamil
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?Hayden McCall
 
GDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e bookGDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e bookPlr-Printables
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 
Digital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe caseDigital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe caseMatthias Dobbelaere-Welvaert
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...Cédric Laurant
 
Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1Michael C. Keeling, Esq.
 
Cyber risk challenge and the role of insurance
Cyber risk challenge and the role of insuranceCyber risk challenge and the role of insurance
Cyber risk challenge and the role of insuranceMunich Re
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018Dan Storbaek
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloudblogzilla
 
Marketing data management | The new way to think about your data
Marketing data management | The new way to think about your dataMarketing data management | The new way to think about your data
Marketing data management | The new way to think about your dataLaurence
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
 
art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1Marlon Moodley
 
INFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securityINFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securitySamo Zavašnik
 
WP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTIONWP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTIONJohn Pinson
 
Is There Sun Behind Those Clouds
Is There Sun Behind Those CloudsIs There Sun Behind Those Clouds
Is There Sun Behind Those CloudsJanine Anthony Bowen, Esq.
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxbriancrawford30935
 

More Related Content

What's hot

delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Dryden Geary
 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...John Nas
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018Chelsea Dickson
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018Aftab Jamil
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?Hayden McCall
 
GDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e bookGDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e bookPlr-Printables
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 
Digital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe caseDigital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe caseMatthias Dobbelaere-Welvaert
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...Cédric Laurant
 
Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1Michael C. Keeling, Esq.
 
Cyber risk challenge and the role of insurance
Cyber risk challenge and the role of insuranceCyber risk challenge and the role of insurance
Cyber risk challenge and the role of insuranceMunich Re
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018Dan Storbaek
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloudblogzilla
 
Marketing data management | The new way to think about your data
Marketing data management | The new way to think about your dataMarketing data management | The new way to think about your data
Marketing data management | The new way to think about your dataLaurence
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
 
art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1Marlon Moodley
 
INFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securityINFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securitySamo Zavašnik
 

What's hot (19)

delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017
 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018
 
8 Tech Predictions for 2018
8 Tech Predictions for 20188 Tech Predictions for 2018
8 Tech Predictions for 2018
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?
 
GDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e bookGDPR, what you need to know and how to prepare for it e book
GDPR, what you need to know and how to prepare for it e book
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
Digital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe caseDigital Transformation Summit: theJurists Europe case
Digital Transformation Summit: theJurists Europe case
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
 
Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1Cloud security law cyber insurance issues phx 2015 06 19 v1
Cloud security law cyber insurance issues phx 2015 06 19 v1
 
Cyber risk challenge and the role of insurance
Cyber risk challenge and the role of insuranceCyber risk challenge and the role of insurance
Cyber risk challenge and the role of insurance
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloud
 
Marketing data management | The new way to think about your data
Marketing data management | The new way to think about your dataMarketing data management | The new way to think about your data
Marketing data management | The new way to think about your data
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
 
art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1art - MM Transformer - CIO Council (09-16) v1
art - MM Transformer - CIO Council (09-16) v1
 
INFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securityINFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL security
 

Similar to The non market issue of cloud computing hp - cloud security alliance

WP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTIONWP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTIONJohn Pinson
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxbriancrawford30935
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technologyEzraGray1
 
Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityJohn Rhoton
 
(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docxmayank272369
 
How Secure Is Cloud
How Secure Is CloudHow Secure Is Cloud
How Secure Is CloudWilliam Lam
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodmanjonneiditz
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
Quick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesQuick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesCompTIA
 
My Little Blurb From Cloud Connect 2010
My Little Blurb From Cloud Connect 2010My Little Blurb From Cloud Connect 2010
My Little Blurb From Cloud Connect 2010Bharath Ram Srinivasan
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enKarel Van Isacker
 
What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? Abraham Vergis
 

Similar to The non market issue of cloud computing hp - cloud security alliance (20)

WP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTIONWP-Privacy-IoT-Era - PRODUCTION
WP-Privacy-IoT-Era - PRODUCTION
 
Is There Sun Behind Those Clouds
Is There Sun Behind Those CloudsIs There Sun Behind Those Clouds
Is There Sun Behind Those Clouds
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docx
 
NIST article I wrote
NIST article I wroteNIST article I wrote
NIST article I wrote
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
 
Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for Security
 
(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx(300-400 words)1- Watch anyone of the following documentarymovi.docx
(300-400 words)1- Watch anyone of the following documentarymovi.docx
 
Apt 510 slideshare
Apt 510 slideshareApt 510 slideshare
Apt 510 slideshare
 
softwss
softwsssoftwss
softwss
 
How Secure Is Cloud
How Secure Is CloudHow Secure Is Cloud
How Secure Is Cloud
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodman
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
Quick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for BusinessesQuick Start Guide to IT Security for Businesses
Quick Start Guide to IT Security for Businesses
 
Privacy Year In Preview
Privacy Year In PreviewPrivacy Year In Preview
Privacy Year In Preview
 
Interner of Things Iinsurance gateway
Interner of Things Iinsurance gateway Interner of Things Iinsurance gateway
Interner of Things Iinsurance gateway
 
My Little Blurb From Cloud Connect 2010
My Little Blurb From Cloud Connect 2010My Little Blurb From Cloud Connect 2010
My Little Blurb From Cloud Connect 2010
 
Challenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingChallenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computing
 
Clouds Roll In
Clouds Roll InClouds Roll In
Clouds Roll In
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 enVET4SBO Level 2 module 6 - unit 4 - v0.9 en
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
 
What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore?
 

Recently uploaded

WSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfWSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfJamesConcepcion7
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerAggregage
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesDoe Paoro
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
digital marketing , introduction of digital marketing
digital marketing , introduction of digital marketingdigital marketing , introduction of digital marketing
digital marketing , introduction of digital marketingrajputmeenakshi733
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdfChris Skinner
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfASGITConsulting
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Aggregage
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...ssuserf63bd7
 
Planetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifePlanetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifeBhavana Pujan Kendra
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfDanny Diep To
 
Effective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold JewelryEffective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold JewelryWhittensFineJewelry1
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfJamesConcepcion7
 
Technical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamTechnical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamArik Fletcher
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdfShaun Heinrichs
 
Interoperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseInteroperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseSiemens
 
14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAScathy664059
 

Recently uploaded (20)

WSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfWSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdf
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon Harmer
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic Experiences
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
digital marketing , introduction of digital marketing
digital marketing , introduction of digital marketingdigital marketing , introduction of digital marketing
digital marketing , introduction of digital marketing
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdf
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
 
Planetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifePlanetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in Life
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
 
Effective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold JewelryEffective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold Jewelry
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdf
 
Technical Leaders - Working with the Management Team
Technical Leaders - Working with the Management TeamTechnical Leaders - Working with the Management Team
Technical Leaders - Working with the Management Team
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf
 
Interoperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseInteroperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverse
 
14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS
 

The non market issue of cloud computing hp - cloud security alliance

  • 1. Sumaya Shakir Sumaya.shakir@gmail.com September 2012 Cloud Computing Security Risks Background and key information: It finally seems like the Feds are catching up with the Cloud era boom. The US government has released its stand on the data security on cloud technologies at the Security in Government 2012 conference. Important concerns regarding the jurisdictional issues of data storage were raised. The Federal Financial Institutions Examination Council(FFIEC) issued a press release with cloud computing risks and issued guidelines in its FFIEC IT Examination Handbook. The department will be coming up with new cloud guidelines. Separately in Europe, the European Network and Information Security Agency (ENISA) and the Cloud Security Alliance (CSA) have come up with their own assessment of how to addresses cloud risk guidelines. The European commission and European data protection council has issued statements indicating firms offering cloud solutions should offer legal clarity and clear privacy policies. The UK Government Digital Service is formulating its policies to maximize on the potential benefits to the UK economy. The CSA is also working on standards for cloud interface. HP has partnered with VMware in providing cloud platform solutions. The partnership aims at providing infrastructure with strong security and converged cloud solutions to the PCI industry. The companies are selling their solutions that goes beyond addressing the security guidelines put forth by various councils; it will be interesting to see how HP- VMware partnership will fair against various commission guidelines. In another initiative HP has partnered with Microsoft for cloud integration. HP has signed new contracts with various government organizations to provide both hardware and software solutions. HP has made new investments in cloud computing in China. Following its China five-year growth plan, HP opened a brand new center called HP Cloud Executive Briefing Center in Tianjin and expanded its R & D in China. In addition, HP has started other big investments in China. With so many countries and their respective Governments on the bandwagon trying to form their own policies and drawing the blueprint of how the cloud infrastructure should look like, the result will be a set of conflicting laws and regulations between borders and countries. To add to the complexity, some governments are leery of working with China. And China’s stand on how these services will impact its own industry and Government is a question that is yet to be raised. While HP is ahead of the game, it may be missing some key mandates from the Cloud Security Alliance and the various Government policies that could prove as a costly mistake. Moreover setting up a cloud hub in China could be security threat to businesses and organization in the US including the US government especially in the wake of latest allegations in regards to spying from two big Chinese firms ZTE Corp. and Huawei Technologies. Given the sensitive nature of government and payment data, this can soon become an unmanageable nightmare and lead to unimaginable vulnerabilities for the United States or for the western European nations. The issue is in 1
  • 2. the late formation phase and early interest group formation. The issues are skirting around the cloud circles and in the various CSA congress presentations and has yet to be identified as a full blown threat. The story has been picked up by a few freelance technology journalists. For example, the author for http://www.businesscloud9.com/content/policy-blueprint-cloud-computing-market/11476 has provided enough validation to show the issues surrounding a global cloud dilemma. The main interest groups for this issue will be the consumers and enterprises across the globe that will use the cloud services technology irrespective of geographical boundaries. There is no doubt that the Governments across the globe have to take an active role in formulating the compliance and security protocols and HP being a key leader of cloud services will be impacted by this and needs to be more involved with the formation of any cloud law legislation that will give it a competitive advantage in the non market arena. Cloud Computing Security Risks Issue Summary: Issue  Security vulnerabilities in Cloud Computing Interest  Cloud Security Alliance Groups  Consumer and Enterprise Business using Cloud Services  Banks, Payments Card Industry(PCI)  Government Organizations like US Military Institutions  UK Government Digital Service,  Federal Financial Institutions Examination Council ( FFIEC),  European Network and Information Security Agency (ENISA) Information  Jurisdictional issues of data storage  Cloud Computing conflicting laws and regulations between borders and countries needs to be resolved  Safety of hosting cloud services from China Issue Life  Late issue identification, early interest group Cycle formation Media  Currently the story is published by a few Attention technology magazines. Main stream media is yet to pick up the story but eventually in the next few months, this issue will be a hot topic. HP’s Business Strategic Political Actions for Security Risks Lobbying 2
  • 3. HP, Microsoft and other internet companies who are offering services on the Cloud have been lobbying for safer cloud computing laws since 2010. Microsoft general counsel Brad Smith insisted on electronic privacy laws being updated during a Senate Judiciary Committee in Washington in 2010. Since then, there have been continued lobbying efforts for cloud security. HP as part of the Cloud Security Alliance group has been lobbying against the Cybersecurity Act of 2012 and has been successful in protecting the cloud initiatives. The above graph shows HP’s spending on lobbying for various causes including trade legislations, cloud security, data security and privacy regulations, patent approvals, free trade, broadband subsidies and defense funding. HP is one of the biggest spenders on lobbying efforts. It hires lobbying firms like Palmetto Group, Mehlman Vogel Castagnetti Inc, Sternhell Group, Innovative Federal Strategies and Akin, Gump et al . HP has spent $3,750,000 so far in 2012 on various lobbying. There are a number of individual cloud computing legislations that HP along with Microsoft, Google, Facebook and other companies have been lobbying like the policy issues in cloud computing, Electronic Communications Privacy Act (ECPA) and the number of other policies regarding,  Cloud Physical Location and Access Issues Jurisdictional issues affecting the Cloud. Example: “safe harbor law - a European law enacted in reaction to the U.S. Patriot Act. Another example is the Trade Agreements Act of 1979 (TAA) prohibits government contractors from using cloud serveices that are set up in countries that don’t have trade agreements with United States.  Privacy, Security and the Cloud Concerns around data stored in the Cloud is less protected than other in other contexts. fundamental concern about the security of essential business and government information and processes maintained in the Cloud.  Law Enforcement and the Cloud Concerns with privacy issues in law enforcement context and legal protections against unreasonable search and seizure of data stored in a Cloud context. Example: Congress is currently reviewing a proposed update to the Electronic Communications Privacy Act 3
  • 4. Intellectual Property (IP) and the Cloud Concerns regarding valuable intellectual property, trade secrets or copyrighted material in a Cloud environment. Example: The Digital Millennium Copyright Act provides a safe harbor to cloud service providers from infringement liability for copyright violations if they adhere to guidelines and immediately block access or remove copyrighted materials from their website upon notification.  Global Competition and the Cloud: U.S. companies can compete for a share of global cloud market but U.S. put them at a competitive disadvantage. Example: U.S. Patriot Act Sen. Amy Klobuchar has introduced a new bill called the “Cloud Computing Act of 2012” (S.3569), that is supposed to “ improve the enforcement of criminal and civil law with respect to cloud computing.” The proposed bill’s main purpose is to give “cloud computing services” protections under the CFAA. HP as part of the CSA alliance is lobbying for this bill. Eric Goldman, Internet Law professor from Santa Clara University has written an article on forbes.com regarding the Cloud Computing Act . The article can be found at http://www.forbes.com/sites/ericgoldman/2012/10/02/the-proposed-cloud-computing- act-of-2012-and-how-internet-regulation-can-go-awry/ Forming Coalitions HP is part of the Cloud Security Alliance group to promote the use of best practices for providing security assurance within Cloud Computing. All the top companies like Google, MicroSoft and even US Department of Defense are members of this alliance group. The Alliance aims to provide education on the uses of Cloud Computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. 4
  • 5. HP along with the CSA has developed a number of useful and valuable resources like the secure best practices for cloud computing, tools for managing governance, risk and compliance, cloud user certification and cloud security knowledge certification, registry of cloud services amongst other cloud security standards. Public Advocacy & Awareness Raising For the last 8 years, every year HP has used events like HP Protect to raise awareness and increase visibility on security infrastructure, potential security risks and breaches, security landscape, cloud security information, security and compliance standards by hosting a two day event where it invites experts, architects, and gurus under one roof. It then makes public all the lectures, information shared during the summit to the general population. HP along with CSA has provided a number of toolkits, handbooks, standards, guides to educate various businesses and public interested in cloud security. HP provides this information on its website and also on CSA website. HP also attends other security conferences like the RSA and shares its knowledge/research with the community. It has also set up community forums, knowledge base, FAQs, social media and blogs to reach out the general public on its efforts on Cloud Computing Security. Summary HP’s Political Strategy for addressing Cloud Security Issues Lobbying  Cloud Physical Location and Access Issues  Privacy, Security and the Cloud  Law Enforcement and the Cloud Electronic Communications Privacy Act  Intellectual Property (IP) and the Cloud The Digital Millennium Copyright Act  Global Competition and the Cloud: U.S. Patriot Act  Cloud Computing Act of 2012 Coalition  Cloud Security Alliance Public Advocacy  Protect 2012 & Raising  RSA Awareness  HP website – community groups, forums, blogs, social media Conclusion HP is taking cloud computing seriously and is using every avenue to be as close as possible to meeting the mandates of the Cloud Security Alliance and the various Government policies in order to avoid any costly mistakes. It is staying close by lobbying to the various legislations related to cloud computing. 5