Companies are increasingly outsourcing to cloud service providers. Although cloud outsourcing can offer a number of benefits, including reduced costs and enhanced operational efficiency and flexibility, it raises challenges in terms of data protection and information security.
The risks associated with cloud computing are different from those posed by traditional service providers, as a result, different controls, policies and procedures need to be implemented to mitigate those risks.
The policy provides guidance to staff on the processes and procedures that must be followed when utilising cloud services e.g. AWS/ Azure or SaaS solutions running on a cloud environment.
This policy includes sections on:
- Oversight of cloud service providers
- Information security
- Exit strategies