How Cloud Computing Security Resembles the Financial Meltdown

How Cloud Computing Security Resembles the Financial Meltdown

One of the problems that led to the financial crisis was that financial companies paid agencies like Moody’s and Standard & Poor’s to rate their products—a clear conflict of interest. Surprisingly, something similar happens in the world of cloud computing.

In a new report, Gartner’s Jay Heiser points out that cloud computing vendors pay the certifying agencies for SAS 70 certifications. Organizations rely on those certifications to ensure that their vendors are meeting best practices, but maybe they should be more diligent.

The report warns, “Do not accept the claimed existence of a certification or other third-party assessment as being adequate proof of security and continuity fitness for purpose. Thoroughly review the assessor’s written report to ensure that the scope of evaluation is adequate, and that all necessary processes and technologies were appropriately addressed.”

View article


About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist