September 24, 2020

Volume X, Number 268

September 23, 2020

Subscribe to Latest Legal News and Analysis

September 22, 2020

Subscribe to Latest Legal News and Analysis

September 21, 2020

Subscribe to Latest Legal News and Analysis

Assessing the Security of Your Cloud Solutions

The adoption of cloud based solutions offer many advantages to businesses, such as cost savings, efficiencies and flexibility. Cloud based solutions can also improve data security as cloud providers will be tasked with monitoring the security of their solutions, updating software and improving security features as required.    

However, adopting a cloud based solution will not automatically reduce an organisation’s exposure to cyber risks. Care must be taken before procuring a cloud based solution and any solution must be properly assessed from a security perspective.  

The Australian Cyber Security Centre (ACSC) has released cloud security guidance material, including a cloud security assessment framework to assess cloud service providers and their cloud computing services. While Government entities must complete a cloud security assessment before it procures a cloud solution, the ACSC resources may be used by non-government organisations to assess their cloud solutions.

In a world where organisations are increasingly reliant on cloud based solutions and cyber threats continue to rise each year, it is prudent for all organisations to prioritise the assessment of a cloud solution’s security capability before procuring and implementing that solution. Without assessing and understanding the security risks of adopting a particular solution, it is difficult to properly implement controls to mitigate cyber risks and understand if a solution meets an organisation’s security requirements and risk tolerance.

Thus, the ACSC’s cloud security guidance is a useful resource and tool to enable organisations to assess the security of cloud based solutions.

Copyright 2020 K & L GatesNational Law Review, Volume X, Number 260


About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Keely O'Dowd, K&L Gates, attorney, Melbourne

Ms. O'Dowd is an experienced lawyer with a focus on technology and sourcing projects. She advises on a broad range of technology transactions, including procurement, outsourcing and software licensing. This work includes drafting and advising on a range of IT procurement and supply agreements. Ms. O'Dowd advises a range of corporations on privacy and cybersecurity.