Friday, July 20, 2012

Financial Regulators Address Cloud Security

In effort to help financial institutions address and understand the risk of cloud computing and avoid outsourcing haphazardly, the US Federal Financial Institutions Examination Council (FFIEC) has published Outsourced Cloud Computing.

Image source: Article
This resource document stresses the importance of due diligence when shopping cloud service providers. Vendors may be unaware of the regulatory requirements applicable to financial institutions, but the financial institutions are still responsible for the compliance and security of their records and therefore must make sure their providers meet risk-management, compliance, quality-of-service, and cost standards.

Focused on business continuity planning, regulatory and legal compliance, audits, information security, vendor management, and due diligence, this FFIEC resource is an excellent guide for outsourcing cloud services and hammering out your vendor contracts and service-level agreements.

Read the story in CloudTimes and take advantage of this invaluable resource for your CU.

No comments: