云计算服务提供商安全统计调研报告 security-of-cloud-computing-providers-final-april-2011.pdfVIP

Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute© Research Report Security of Cloud Computing Providers Study Presented by Ponemon Institute, April 2011 I. Executive Summary CA Technologies and Ponemon Institute are pleased to present the results of the Security of Cloud Computing Providers Study. This paper is the second in a two-part series about the state of security in the cloud. The first study released in May 2010 was entitled, Security of Cloud 1 Computing Users. The purpose of both studies is to learn how users and providers of cloud computing applications, infrastructure and platforms are addressing the need to safeguard information in the cloud. In Parts I and II of this report (Executive Summary and Key Findings), we present the results of the cloud provider study. In Part III, we compare and analyze the results of the cloud provider and cloud user studies. Cloud computing has been defined as the use of a collection of distributed services, applications, information and infrastructure comprised of pools of computer, network, information and storage resources. These components can be rapidly orchestrated, provisioned, implemented and 2 decommissioned using an on-demand utility-like model of allocation and consumption. Cloud service delivery models are Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). We surveyed 103 cloud service providers in the US and 24 in six European countries for a total of 127 separate providers . Respondents from cloud provider organizations say SaaS (55 percent) is the most frequently offered cloud service, followed by IaaS (34 percent) and