Welcome to the InfoSci Platform
Management of Privacy and Security in Cloud Computing: Contractual Controls in Service Agreements

Management of Privacy and Security in Cloud Computing: Contractual Controls in Service Agreements

Deniz Tuncalp
Copyright: © 2016 |Pages: 26
ISBN13: 9781466694668|ISBN10: 1466694661|EISBN13: 9781466694675
DOI: 10.4018/978-1-4666-9466-8.ch070
Cite Chapter Cite Chapter

MLA

Tuncalp, Deniz. "Management of Privacy and Security in Cloud Computing: Contractual Controls in Service Agreements." Web-Based Services: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2016, pp. 1585-1610. https://doi.org/10.4018/978-1-4666-9466-8.ch070

APA

Tuncalp, D. (2016). Management of Privacy and Security in Cloud Computing: Contractual Controls in Service Agreements. In I. Management Association (Ed.), Web-Based Services: Concepts, Methodologies, Tools, and Applications (pp. 1585-1610). IGI Global. https://doi.org/10.4018/978-1-4666-9466-8.ch070

Chicago

Tuncalp, Deniz. "Management of Privacy and Security in Cloud Computing: Contractual Controls in Service Agreements." In Web-Based Services: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 1585-1610. Hershey, PA: IGI Global, 2016. https://doi.org/10.4018/978-1-4666-9466-8.ch070

Export Reference

Mendeley
Favorite

Abstract

There are a number of risk domains that are relevant for information privacy and security in cloud-based scenarios and alternative deployment models, which require implementation of a number of controls. However, cloud service providers often take a one-size-fits-all approach and want all their customers to accept the same standardized contract, regardless of their particular information security and legal compliance needs. Taking ISO 27001 Information Security Management standard as a guide, we have employed the Delphi method with a group of cloud computing experts from around the world who are subscribed to the “Cloud Computing” group on LinkedIN to identify the most applicable controls in a generic cloud service provider – customer context. Based on these results, we use a sample of cloud computing customer service agreement as a case study to further discuss related contingencies. As a result, this chapter argues that a more balanced approach is needed in service contracts to ensure the maintenance of necessary service levels and the protection of cloud users.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.