Cloud Computing in Government and Enterprise

Cloud computing provides organisations with many would-be benefits, including improved productivity, efficiency and potential cost savings. However as more government agencies and enterprises move towards using cloud services, it is important these organisations understand the information security risks, privacy impacts and compliance implications involved. For example, organisations need to consider the integration of cloud services with existing technologies, securing data stored within a cloud service and the effectiveness of security controls applied by the Cloud Service Provider.
Cloud Service Providers are also looking for a way of demonstrating the robustness of their services through validation of a security assurance program.
The Australian Signals Directorate (ASD) has developed a series of documents to assist organisations looking to migrate to cloud computing workloads. In addition ASD has also developed guidance for Cloud Service Providers that are looking to offer secure cloud services.

How Foresight can help

1. Cloud Service Providers

Foresight has unique insight into cloud services, having IRAP-assessed one of the largest Cloud Service Providers in the world. Foresight has had experience working with providers of Infrastructure as a Service, Platform as a Service and Software as a Service. We are well placed to offer IRAP assessment services, security advisory and design services to Cloud Service Providers, to assist in demonstrating security assurance to the Australian public and private sector.

We can also assist Cloud Service Providers to address ISM compliance and development of practical and effective security controls for cloud services.

Finally, Foresight can assist Cloud Service Providers to mitigate risks outlined in ASD’s Cloud Computing Security for Cloud Service Providers documentation.

Cloud Security

2. Tenant Organisations

Foresight can also assist cloud tenants at all stages of their cloud migration project.

Foresight can provide services such as:

  • Assisting organisations in determining their internal and external security requirements
  • Security risk assessments focusing on applicable risks, such as those found in ASD Cloud Computing Security documentation
  • Independent IRAP assessments of proposed cloud solutions, including verification of Cloud Service Provider claims
  • Incident response and analysis for security incidents occurring within a cloud service
  • Ongoing review of ISM compliance

Foresight can assist both Cloud Service Providers and tenant organisations in assessment of compliance and risks quickly and consistently to ensure the business focuses on achieving their desired outcomes.