Tag Archives: audits

More on Amazon’s SAS70 Type II

November 20, 2009 – 18:59

Amazon hasn’t been forthcoming since my last post on their control and control objectives, which is disappointing, but expected.  I still believe that transparency here is more important than security through obscurity.  Hiding the controls and control objectives doesn’t provide much in the way of particular security benefits, although I’m certain some will argue that [...]

By randybias | Posted in Cloud Computing | Also tagged , , , , , | Comments

Why is Amazon’s SAS70 Audit Bogus?

November 16, 2009 – 07:39

At first glance it seems like Amazon’s recent announcement of a successful SAS70 audit is grounds for celebration[1]. Certainly it has met with fanfare on Twitter and blogs.
Unfortunately, a SAS70 audit isn’t what most people think it is. Worse yet, Amazon’s reluctance to provide details of the audit provides a false sense of security [...]

By randybias | Posted in Cloud Computing | Also tagged , , , , | Comments

Twitter links powered by Tweet This v1.7.1, a WordPress plugin for Twitter.