Cloud computing is rapidly becoming a business information technology buzzword, but there is still much debate on what exactly it is and how it benefits enterprises.

A new White Paper from ISACA, a non-profit association of 86,000 global information technology professionals that promotes information systems assurance and security, clearly describes how enterprises can achieve greater efficiencies and mitigate new risks associated with cloud computing.

The White Paper, "Cloud Computing: Business Benefits with Security, Governance and Assurance Perspectives", is available as a free download from www.isaca.org/cloud ISACA said cloud computing offers enterprises the ability to reduce IT infrastructure costs through a model of paying for service on demand. This requires less upfront capital expenditure and allows businesses to benefit from the ability to efficiently ramp up and power down based on current needs, as well as the flexibility to introduce new IT services.

"One way of describing cloud computing is to compare it to a utility," said Jeff Spivey, trustee for the IT Governance Institute, which is affiliated with ISACA, and director of Security Risk Management, Inc. "In the same way businesses pay for the amount of electricity, gas and water that they use, there is now the ability to pay for IT services based on how much is consumed."

As with any new advancement, though, there are many facets to consider.

"The benefits of cloud computing are tremendous, but it also creates new risks and security concerns," added Mr Spivey. "Through cloud computing, IT services can be contracted through an external provider, so new governance and control approaches are needed to ensure flexibility, resilience and security."

According to the White Paper, in addition to the financial savings involved with cloud computing, one of this model's strengths is for enterprises to streamline processes and increase innovation. This can translate into more reliable backup, more satisfied customers, increased scalability and possibly even higher margins.

While the risks associated with cloud computing may be similar to business IT risks already addressed, enterprises may need to adjust their policies and procedures to focus on the new dynamic environment. The white paper also delivers effective strategies for mitigating risks and addressing assurance issues related to cloud computing.

"The cloud represents a major change in the way computing resources will be utilised," said Mr Spivey. "By addressing many of these issues in advance, and with the involvement of a broad range of stakeholders, enterprises can gain significant advantage with appropriate control."

In recognition of new risks around this emergent technology, ISACA has become an affiliate of the Cloud Security Alliance, which collaborated on this paper and will be involved in joint projects with ISACA in the future (www.cloudsecurityalliance.org).

The ISACA Malta Chapter was founded in 2005 and to date has over 100 members.

www.isaca-malta.org

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.