Abstract:
Although the benefits of cloud computing are well known, safety concerns have received less attention (Rash, 2009). This review of selected literature, published between 2007 and 2009, identifies key IT-related cloud computing risks that should be considered by security practitioners. Three types of cloud computing risks are examined: policy and organizational, technical, and legal. Risk mitigation strategies are also explored, and include audit controls, policies and procedures, service level agreements, and other forms of governance.