Unified approach to data security.
CSO = Chief Security Officer
Escrow account, service support commitments – for example, for how many years is AWS committing to support its new data archive service (Glacier)?
SLOs and SLAs – service level objectives, and objectives with penalties attached
RAS commitments – ‘5 9’s availability’ – and the boundaries of those commitments. For example, AWS Glacier offers 11 9’s of durability for archived files, but that durability commitment has no bearing on the availability of the service.
Who’s responsible for monitoring service levels? Are SLA penalties paid automatically or does each customer have to request payout?
Coursera course on Information Security and Risk Management in Context includes ‘Legal security implications’ as one of the four topics, but overall the focus appears to be on technology and IT policies to secure electronic data rather than on a holistic approach to security.
Blog tying recent outages (including GoDaddy) to security. “GoDaddy Offers Users One-Month Credit Following Outage”