LOW-RISK CLOUD IMPLEMENTATION IS THE SECRET TO NECESSARY CHANGE
SAN RAMON, Calif.—May 22, 2014 — Avatier Corp., a leader in risk-driven identity management software and information security consulting, is shining a spotlight on "cloud cultures" this week and how they can, and must, change. In the company's "The Culture of Cloud in an Information Security World" blog, Ryan Ward, head of IT Security Consulting, an Avatier company, suggests that the rate and extent of cloud adoption can be linked directly to a company's corporate and IT culture.
Ward notes that a cloud culture seems to apply to any cloud solution decision, whether IaaS, PaaS, or SaaS. "Many corporations are basically risk adverse," he states. "However, no matter what your current state, cultures can change over time, and I believe there is a logical transition that can occur to safely migrate to cloud acceptance. Just as CEOs can strive to change corporate culture within their organization to meet specific goals, CISOs and CIOs can evolve IT culture to help meet business goals as well."
However, this should not be a forced migration, Ward stresses, because security issues as well as operational issues can occur. Both IT and Information Security capabilities need time to evolve and mature. As cloud culture evolves and matures within an organization, he suggests that companies start with smaller initiatives and grow from there. Low-risk decisions should be made first.
"If you are part of an organization that chooses not to invest in any cloud-based technologies, a great way to become comfortable with the concept of cloud, with minor risk, is to select a SaaS solution that contains minimal or no sensitive data," he concludes. "By starting down this path, you can develop information security processes to review cloud vendors and become comfortable with the overall concept of cloud. Using a framework such as the Cloud Security Alliance Cloud Controls Matrix can really help build information security competencies without reinventing the wheel."
Avatier is the identity management company designed for business users. We automate and unify enterprise operations by standardizing business processes with an IT store. Our IT service catalog creates a single system of record for access requests and IT audit.
Our easily extensible identity management system lowers operational costs and provides corporate governance visibility. Avatier automates workflow and compliance reviews to reduce IT governance risks.
Founded in 1997, Avatier is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. Our products operate globally for customers like Marriott, DHL, Halliburton, Starbucks and hundreds more. For more information, please visit www.avatier.com and follow @Avatier on Twitter.
Clarity Communications for Avatier
Direct: +1-415-963-4082 x101