When you need to buy a new kitchen gadget, a designer lipstick, a branded razor, a calendar and that vital cable for your television — what’s the one easy place you can turn to?

That’s right, there isn’t one in Australia. You’re facing hours going shop-to-shop, picking up second-rate products from a local mall or ordering from various websites with delivery fees on each item and mixed rules on returns.
Amazon is the game-changer our retail landscape needs, one that transformed shopping in the UK and US years ago. Despite the hand-wringing from the retail sector that has dominated reporting on the online giant, this is mostly good news for the consumer.
You will be able to buy what you want, when you want it. It will typically be affordable. Existing brands will have to work harder to compete. It will be the arrival of Uber, or Aldi, all over again.

I lived in the UK more than four years ago, and buying books, travel accessories and homeware couldn’t have been easier. Every Christmas now, I log on to Amazon and select the perfect toiletries, chocolates, booze, games, DVDs, hiking gear and toys that I want for all of my relatives, adding wrapping and a message where needed. It’s the work of minutes.
In the four years I’ve been in Australia, waiting for Amazon, the company has grown enormously, and it’s in fashion that investment bank Morgan Stanley now sees the biggest threat.

Its report “The Amazon Effect in Australia” says $800 million will be wiped from the earnings of chains including JB Hi-Fi and Harvey Norman, but the single biggest impact will be on Wesfarmers. The nation’s largest retailer, which owns Target and Kmart, could lose more than $428 million in earnings by 2026.
The report said department stores would be the sector worst hit, as Amazon generates up to $12 billion in sales by 2026.

Online retailer Catch Group this week announced it is having a makeover to ensure it becomes number two in Australia after Amazon, rebranding Catch of the Day as Catch.com.au and turning it into a marketplace.
Amazon Fresh will take on the grocery sector, and it is aggressively building its Amazon Prime video membership service, making inroads into streaming and refusing to stock Apple products in favour of its Fire TV sticks. Amazon entered the Artificial Intelligence field in 2014 with its Alexa speaker. This week it emerged that its shares (and those of Google) have just reached $US1000, putting them in an elite club of mega-companies.

In December, it opened the first Amazon Go store at its Seattle headquarters, a convenience store with a tracking system of sensors, algorithms, and cameras instead of cashiers or checkout lines.

Australians haven’t migrated to online shopping in the landslide once predicted. Figures released by the National Australia Bank last week showed the Online Retail Sales Index — a measure of spending on retail goods — fell by 0.8 per cent in April. But even if you prefer to visit a store and try clothes on, it’s being able to get those small essentials without the painful search that will hook you in.

And Amazon is moving offline, too. In December, it opened a prototype Amazon Go grocery store at its headquarters in Seattle, Washington, which uses a tracking system of sensors, algorithms, and cameras instead of cashiers or checkout lines. The eCommerce giant opened its first physical bookstore in New York last month — its seventh in the US. Amazon Books, like the Go store, does not accept cash, with Prime members using the app on their smartphone to pay and non-members using a credit or debit card.

Maxim Group today predicted a future in which Amazon will run everything from petrol stations to credit lines, Dow Jones reports.

“Consumers will be able to save money at the Amazon gas station because they belong to Amazon Prime, much like Costco members today,” said Maxim’s Tom Forte. “They will also be able to pick up and return their merchandise ordered online at the Amazon gas station.”

They’ll book their travel on Amazon, and have the firm send their suntan lotion ahead to the resort so it’s there when they arrive, he added.

But just as with Uber and co, there are serious questions over Amazon’s omnipotence. Critics say the retailer has a monopoly and is destroying small businesses — book stores, boutiques, grocery stores. There are also questions over how it pays tax.
There have been regular accusations that the company mistreats workers, with reports in December of “intolerable conditions” at a Scottish warehouse, with badly paid staff forced to sleep outside in tents to save on commuting costs.

A Sunday Times investigation found temporary workers at the warehouse were being penalised for taking sick leave and put under immense pressure to hit targets, and that water dispensers were often empty despite the intense physical nature of the job. Unions said workers were falling ill from overwork.

In the US, where Walmart is buying up smaller online retailers as it battles to compete with Amazon, there have been dozens of stories about inhumane conditions at its warehouses. But workers who spoke to Mental Floss in 2015 said conditions were relatively typical for warehouse work. In 2012, after an exposé on the searingly hot summertime conditions, Amazon announced plans to spend $52 million to install air conditioning.
The company is now recruiting for hundreds of jobs in Australia as it prepares for its highly anticipated debut. It has broadly positive reviews on job sites Indeed and Seek, although there were complaints about difficult management, tough targets and short lunch breaks.

Amazon is a massive tech corporation and — mirroring Facebook, Apple and Google — there are justified concerns over its practices and treatment of employees as it grows.
However, it is time Australia caught up with the rest of the Western world and actually knew what those were.

By Emma Reynolds for www.news.com.au

It wasn’t long after smart phones, tablets and ubiquitous Wi-Fi that workplace experts predicted the end of the office. And while a telecommuting trend took root for a while, it is now beginning to reverse with large American companies like IBM, Honeywell and Yahoo leading the change.

This is also thanks to offices that are now much more human-friendly.

Richard Andrews, MD of Inspiration Office, says: “The thinking went along these lines: if technology allows people to work anywhere, then who needs the office?

“As it turns out, the vast majority of workers do—because work, at its essence, is a social process. Even people armed with the latest mobile device still come to the office to connect with other people and to access technology they can’t carry around.

“The office didn’t go away, but it’s now evolving into something fundamentally different.

“We are in the midst of an office renaissance.”

And the proof is evident in some of the world’s biggest companies.

After several decades of allowing employees to perform their jobs remotely, IBM recently announced that it wanted many of its remote workers back in the office.

Between 1995 and 2009, the company shrank its office workforce. Other companies soon followed suit: Work-from-home became a desirable perk of many white-collar jobs.

Yahoo has also reversed its stance on home workers and said that since calling back its staff, employee engagement was up, product launches increased significantly and teams were thriving.

American conglomerate Honeywell also joined the back-to-the-office trend by banning telecommuting for most of its workers worldwide.

Says Andrews: “It’s not surprising there is a swing back to the office. The workplace has become a catalyst for energy and buzz.

“People are again looking for inspiration and creativity at work, as well as human-centered technology that makes life easier. These ideas are being embraced and adopted at a rapid pace thanks to new people friendly design and facilities.”

Traditionally, offices were focused on uniformity and standards. Much of the space was dedicated to individual workstations, separated into departments, where people spent the majority of their time working alone. A cafeteria provided a place to eat lunch and large meeting rooms were used mostly for collaboration.

But by reducing the number of dedicated individual workstations and creating an ecosystem of spaces, people now have the freedom to choose how and where to work.

“Appealing offices now have a social hub, previously just a cafeteria, which shifts away from supporting just nourishment to now also becoming a place for workers to connect and collaborate,” says Andrews.

“They also have a nomadic camp—purposely placed near the social hub— to support mobile behaviours. The additional settings offer mobile workers a place to work alone or with others. Workers can see and be seen by coworkers, or choose a private setting for focused work.”

The concept of a ‘resident neighbourhood’ is also proving popular and includes spaces for managers in the open plan to promote learning and quick problem solving. Resource centres offer workers a space to securely store coats and bags and access meeting tools.

“People want to feel a connection to the places where they work, where they can see themselves in the space, versus something that feels imposed upon them. Well designed offices and productivity gains from working closely with smart people are driving the office renaissance,” Andrews concludes.

Employees intend to take advantage of their sick leave to stay away from work when in truth they really just can’t face a day in the office.

Almost 40% of South Africans are planning on “pulling a sickie” in June or July, according to a survey released by Pharma Dynamics on Monday.

The generic pharmaceutical company polled 1 500 workers across the country to find out how people were gearing up for the colds and flu season. However, respondents also let slip the time of year they are most likely to ring in sick, said Pharma Dynamics.

Bad weather coupled with colds and flu
A combination of miserable weather and the expected spate of colds and flu in winter makes June and July the most popular months of the year to take a duvet day, said Pharma Dynamics spokesperson Nicole Jennings.

“Nearly a third of those polled admitted that they’ve pulled a sickie before – 45% of whom said they do so two to three times a year, while a few chancers (15% in fact) do so even more often. The 40% whose conscience probably gets the better of them, can only bring themselves to do so once annually.”

Jennings said what makes matters even worse is that those who pretend to be sick don’t do so on their own.

“More than a whopping 51% rope in their partners and/or children to take a duvet day with them – 20% either didn’t have a partner or a child, which implied that if they did, they’d probably get them to bunk with them too. The remaining 29% preferred to do so solo.”

The result of sickness-related absenteeism on the economy has been enormous, according to the most recently available Adcorp Holdings’ employment index.

Cumulatively, since 2000 the economy lost R55.2bn in real terms due to sickness, the report dated 2013 shows.

The index found that between 2009 and 2011, one-quarter of all workers claimed the maximum statutory allowance for sick leave, which is 36 days in a three-year cycle. It showed that the average output per worker in 2012 was R145 233 per year – or R586.19 per working day. In 2011 this loss of output due to sickness totalled R4.29bn.

At the time Adcorp said it was alarming that sick leave in South Africa had been rising continuously.

More recently, South Africa was ranked last among 19 nations in a global survey that measured healthcare system efficiency – the ability to deliver maximum results at the lowest possible cost.

The Future Health Index, commissioned by Dutch tech company Philips, showed that South Africa’s efficiency ratio was the lowest out of the 19 countries in the study, which included countries such as France, the US, Argentina, United Arab Emirates, China and Brazil.

South Africa scored 4.4 compared to the group average of 10.5.

Source: Fin24

Queen’s speech delayed by stationery

Traditionally, the U.K. Parliament starts off every year with a speech by the current monarch, which outlines the direction the ruling party wants to take the government.

But the queen’s speech might get delayed this year — and the government says paper is partially why.

Turns out the queen can’t just print out her speech on a few sheets of A4. It has to be written on special goatskin paper — which, despite the name, doesn’t involve actual goats.

The special paper ensures the speech will last longer in Parliament’s national archives — but it also means the ink will need a few days to dry.

Normally this isn’t a problem because both major parties already know what they want their government to look like. But the surprising election results have forced the ruling Conservative Party to negotiate with a regional party in Northern Ireland to maintain its majority.

Those talks are still going, which means it’s too early to start putting a government together on paper — at least, on archival goat paper.

What is goatskin paper?

Goatskin paper is a thick and ornate parchment on which the Queen’s Speech is written.

While it was traditionally made from real goat skin, its modern form contains no animal hide at all.

But it keeps its name because it has a watermark in the shape of a goat.

Westminster veterans still refer to “going goat” to mark the moment the Speech needs to be ready by so that the ink can have time to dry before being sent to the Queen for her approval.

Why is it used in the Queen’s Speech?

The posh paper is used for the special occasion of the State Opening of Parliament.

On it is written the Queen’s Speech, which sets out the Government’s plans and legislative priorities for the year ahead.

But after the 2017 snap election led to a hung Parliament, it was reported that Theresa May would push back the speech from the original date of June 19.

It was thought she needed time to organise a deal with Northern Ireland’s DUP to support the Conservatives in a minority government in case they made ultimatums over Tory policies.

By Neal Baker for The Sun; and Matt Picht and Katie Link for www.abc2news.com

South Africa enters a recession

Gross domestic product contracted 0.7% for the first quarter of 2017, indicating that the country has entered into a recession, according to deputy director general of Economic Statistics at Statistics South Africa (Stats SA) Joe de Beer.

The latest GDP data was released by Stats SA on Tuesday.

For South Africans, this means:

  • The value of the rand is weaker, driving the price of commodities and imports up

  • Food and petrol prices are likely to increase

  • Foreign investment will slow

  • Local job creation will slow

  • The unemployment rate will continue to rise as companies contract and lay people off

The contraction follows the GDP decline of 0.3% in the fourth quarter of 2016. In 2016, the economy grew only 0.3% for the year.

Compared to the previous year, GDP growth came to 1%. “Over the last four years there were instances of negative economic growth prior to the last two quarters,” said De Beer.

The main contributors to the contraction were the trade and manufacturing industries. Trade declined 5.9% and manufacturing contracted 3.7%.

The agriculture and mining industries were the only sectors which made positive contributions. Agriculture increased growth by 22.2% on the back of the drought recovery, and mining grew by 12.8%.

However, expenditure on GDP contracted by 0.8% in the first quarter.

Household consumption declined 2.3%, with spending on food and non-alcoholic beverages, clothing and footwear, and transport the major contributors to negative growth.

Gross fixed capital formation grew by 1%, mainly due to machinery and equipment which grew by 7.9%.

Net exports contributed negatively to growth and expenditure on GDP, while goods and services contributed negatively to growth in exports. Exports of mineral products and vehicles and transport equipment were largely responsible for the decrease in goods, according to Stats SA.

Imports, which increased 3.2%, were driven by imports of mineral products.

Government consumption expenditure contracted 1%.

Recently the World Bank projected low growth for the following two years. The World Bank expects growth of 0.6% for 2017, 1.1% for 2018 and 2% for 2019. The projections for 2017 and 2018 are 0.5 and 0.7 percentage points less respectively than its January 2017 figures, Fin24 reported.

The Reserve Bank also revised down growth forecasts. At the monetary policy committee rates announcement in May, Reserve Bank governor Lesetja Kganyago said political tensions and the sovereign downgrades to junk status have presented risks to growth.

The Reserve Bank’s growth forecast for 2017 is now 1%, down from 1.2%. Growth projections for 2018 were cut down from 1.7% to 1.5%. Similarly, the 2% growth forecast for 2019 was revised to 1.7%.

At its recent credit review, ratings agency Standard and Poor’s (S&P) emphasised that low growth remained a concern. S&P explained political risks would weigh heavily on growth priorities and this would slow fiscal consolidation.

“We believe the current political environment could result in the private sector delaying business investment decisions, thereby restraining GDP growth,” said S&P.

S&P projects growth to rebound to 1% in 2017 and average at 1.5% between 2017 and 2020.

By Lameez Omarjeev for News24

Schools involved in price-fixing scandal

The Competition Commission says they have extended their probe into school uniform price fixing to the rest of the country.

The commission says this decision comes after they have received nine complaints since the initial reports in January.

The commission says the investigation will focus on all schools in the country, including private schools such as those under Curro, Advtech and Kyalami, which were among those complained about.

The complaints have come from businesses who have foreclosed because of exclusive contracts schools have with some suppliers and parents who are forced to buy from certain suppliers.

Spokesperson Sipho Ngwema says they have found merit in some of these complaints.

“We are continuing to probe others and once we are finished we’ll take a decision on whether to refer certain schools and contracted business to the competition tribunal. If there are other means to address this before the tribunal, we are open to that.”

By Tebogo Tshwane for Eyewitness News

The stats of the nation

In the midst of all the chaos and depression around us, we must appreciate the fact that we have still been able to keep some world-class institutions running. One of these is Stats SA, which is right up there with its international peers. Regular visits to its website will show you why that is: the amount, depth and breadth of information is quite something.

In the past few days, three critical pieces of information from Stats SA were drowned out by the ugly, rotten politics. They all related to issues that are key to the lives of South Africans: crime, governance and jobs.

Crime is higher than ever

The first one, titled Exploring the Extent of and Circumstances Surrounding Housebreaking/ Burglary and Home Robbery, looked at these crimes that terrify South African citizens. It noted that, although the proportion of households experiencing this crime that “violates our private space and the one place that we think of as our sanctuary” has been on the decline for five years, public perceptions were the opposite.

Differentiating home robbery (a break-in while the family is there) from housebreaking (burglary), the report says the former “fuels fear in communities, because it puts people at risk of personal injury and emotional trauma in their homes, where they should feel safest”.

Then came the really frightening part, which painted an appalling picture of the arrest and conviction rates.

“An arrest is made in only one out of every five reported cases of housebreaking or home robbery. Only one in five people arrested for housebreaking was convicted, and one in three people arrested for home robbery was convicted,” it stated.

Unacceptable vacancy rates

The second report, The Non-financial Census of Municipalities, contains some disturbing information about the vacancy rates in municipalities that cannot afford to be short of service-delivery personnel. Overall, the vacancy rate jumped from 13.3% in 2015 to 14.4% in 2016. Last year, the most affected areas in terms of unfilled vacancies were environmental protection at 26.1%, road transport at 22.3% and wastewater management at 19.9%. What was worrying was that only health – at 10.9% – had a vacancy rate of less than 12%. Crucial functions such as electricity (13.7%), water (13.6%) and finance (12.9%) had unacceptable vacancy rates.

Such high vacancy rates when positions are fully funded affect service delivery and increase the reliance on outside consultants, the report noted. By way of illustration, it pointed out that in Vryheid – which experienced a severe drought in the year in question and had to employ water tankers – the vacancy rate is 30.5%. Rustenburg’s wastewater management stood at a staggering 69%. Road transport, which is often the cause of community grievance, turned up some alarming numbers. In Mangaung, 74% of vacant posts were unfilled and Masilonyana (also in the Free State) stood at 69%. Although the vacancy rate in electricity came down from 20.2% to 13.7% last year, it is still considered high.

Unemployment crisis

The third was the release of the Quarterly Labour Force Survey, which revealed that South Africa’s unemployment rate now stood at 27.7% – its highest since 2003. Ironically, this was in the quarter in which 144 000 new jobs were created in the economy, a number offset by the entry of 433 000 jobseekers. The survey said 58% of these new jobseekers were between 18 and 34 years of age, thus pushing the youth unemployment rate to 38.6%.

The unemployment rate among those without matric was 33.1%, while among graduates, it was 7.3%. If you use the expanded definition of unemployment by including those who have just given up on looking for work, the figure goes to 36.4%, almost a 10% increase. And if you want it in raw figures, we are talking about 9.3 million South Africans who cannot find work.

Why, I hear you ask, are we talking about such seemingly mundane matters when there are so many more fascinating subjects, such as Duduzane’s complicated love life and the saucy pictures that dropped into his inbox? Why should we be concerned about boring issues when there is such scintillating stuff in the political world – from emails to motions of no confidence and a president who threatens his executive not to “push him too far”?

Well, it is because these are the issues that should be consuming us. In a society that is serious about solving problems, the content of these reports would spell crisis in capital letters. A citizenry that lives in constant fear in a free country is not enjoying its freedom.

Municipalities and government departments that deprive residents of quality services because they are unable to fill vacancies are also depriving people of the tangible fruits of freedom.

The same can be said with regard to the unemployment crisis, which deprives families and individuals of a decent standard of living.

There has to come a time when these are the big issues on the minds of South Africans, both in the state and outside of government.

But then, as the Zuma/Gupta mafia is busy plundering, the country has no choice but to be consumed by their criminal behaviour.

By Mondli Makhanya for News24

Following years of government budget cuts, parents are now turning to crowdfunding websites in order to provide basic school supplies.

Appeals have been launched on websites including Justgiving.com for online donations towards items such as whiteboards and computers, as well as to pay for crossing attendants.

These include one for Camelsdale Primary School, which set up a page to raise money for a replacement whiteboard.

The drastic measures are being publicised by the National Union of Teachers (NUT), who have set up a ‘School Cuts’ website which shares details of the more than 18,000 schools that could face further cuts.

The website contains a tool with which people can check how their school will be affected, while urging voters to petition their local MP candidates to oppose more cuts before the election.

The project, which is also backed by NAHT, The Education Union (ATL) and GMB, also forecasts the future for UK education and claims that by 2022, 93% of schools will have per-pupil funding cut.

According to the National Audit Office, the Tory pledge to inject £4bn into education, thus changing the funding formula, could actually result in 9,000 schools facing more cuts.

In a blog, the Department of Education deny claims made in a report by the Institute for Fiscal Studies (IFS) that schools are not protected from further funding cuts.

They state: “That is not true – we have protected schools from losing more than 3% per pupil and that protection is guaranteed for the lifetime of the formula.

“[…] Indeed, there has been a substantial increase in school funding over the years.”

Basing findings on a National Audit office report into school financial sustainability, a spokesperson writes: “The government has protected the core schools budget in real terms since 2010, with school funding at its highest level on record at more than £40 bn in 2016-17 – and that is set to rise as pupil numbers rise over the next two years.”

The Prime Minister has echoed this claim several times, stating in an interview with Andrew Marr: “The level of funding going into schools is at record level.”

However, Professor Sandra McNally from the School of Economics, University of Surrey, published an article fact-checking this “highest level on record” claim.

She explains that only the “per pupil expenditure” (the amount spent on each pupil) is relevant, rather than the total amount of money available.

According to Professor McNally, current spending per pupil was “largely frozen in real terms” between 2010 and 2016.

And as onward spending is frozen in cash terms, this will likely lead to a “real terms reduction of around 6.5 per cent by 2019-2020”.

She explained this would, in reality, be a real-term fall in per-pupil spending – the biggest in 30 years.

“Theresa May’s claim is misleading because it omits important information,” Professor McNally concluded.

By Harriet Marsden for www.independent.co.uk

The ultimate hobby machine

Say goodbye to unnecessary cords and create more space to work on your projects with the ultimate DIY machine from Cricut. The machine is hailed as all you need for craft hobbies like scrapbooking. The machine retails at approximately $300 (R3 800).

There are so many ways you can create with Cricut Explore Air. Design with the 50 000 images, projects, and fonts in the Cricut Image Library, or upload your own images and fonts for free.

Make party invitations, decorations and favours. Create seasonal home décor or personalise wedding gifts. Add embellishments to your favorite photo memories.

Cut what you want

  • Upload and cut your own images and fonts free; works with .svg, .jpg, .png, .bmp, .gif, and .dxf files

  • Cut or write fonts already installed on your computer

  • Buy images starting at $0.99

Design and cut with the iPad app
Design here, there, and everywhere! Cricut Design Space app for iPad works seamlessly with the Cricut Explore Air machine. Design on your iPad and send the project to cut, wirelessly. The free, easy-to-use Cricut Design Space software system gives you access to all of your images and projects from any compatible computer or iPad. It’s cloud-based, so your projects are always synced across all your devices.

What can I make?
Make all your birthday and party invitations, banners, decorations, and favors. Create distinctive seasonal home décor or personalise DIY wedding gifts with a quick monogram for that perfect touch. Add embellishments to your favorite photo memories. And give Family Game Night the ultimate make-over with fresh and fun games month after month. Don’t forget those last-minute school science fair projects, book reports, or the ‘All About Me’ poster. Satisfy all your DIY crafting needs, whether you use the Cricut Explore Air as a vinyl cutter, die cut machine, or fabric cutting machine.

What can I cut?
The Cricut Explore Air cuts a wide variety of materials, including paper, cardstock, vinyl, iron-on, poster board and fabric for DIY projects. Upload your own images or choose from the Cricut Image Library – the only limit is your imagination.

No settings required
Forget the complicated materials settings. Now you can get the perfect cut on nearly any material: just turn the Smart Set dial. You can even create custom settings for different materials.

Clean cuts, big or small
The Cricut Explore Air features patent-pending Cut Smart technology. Cut all sorts of shapes with exceptional precision in sizes ranging from ¼ to 11½ inches wide x 23½ inches tall.

Cut and write in just one step
The Cricut Explore Air machine can cut a card and then write a personalised message exactly where you want. It can also cut a box and score the fold lines in one step.

POPI and the cloud

When legendary Canadian singer-songwriter Joni Mitchell released her hugely successful album “Clouds” in May 1969 little could she have guessed that nearly 50 years later the subject of clouds would be part of the global conversation around the protection of personal information (PI).

Her words “I’ve looked at clouds from both sides now” with the conclusion “I really don’t know clouds at all” might well apply to information officers (IOs) here in South Africa and data protection officers (DPOs) across the globe who are trying to understand how to go about selecting their cloud service providers from a security perspective.

In fact, Mitchell was prophetic in looking at multiple clouds, not just one, because that’s a reality for today’s IOs/DPOs who need to satisfy the demands of multiple stakeholders who are unlikely to be satisfied with a single cloud services supplier. Of course Mitchell has not been alone in looking at clouds closely. The European Network and Information Security Agency in 2015 launched its Cloud Certification Schemes Metaframework. “CCSM is a metaframework, which maps detailed security requirements used in the public sector to describe security objectives in existing cloud certification schemes. The goal of CCSM is to provide more transparency about certification schemes and to help customers with procurement of cloud computing services. This first version of CCSM is restricted to network and information security [NIS] requirements. It is based on 29 documents with NIS requirements from 11 countries (United Kingdom, Italy, Netherlands, Spain, Sweden, Germany, Finland, Austria, Slovakia, Greece, Denmark). It covers 27 security objectives, and maps these to 5 cloud certification schemes.” (source https://www.enisa.europa.eu/news/enisa-news/enisa-cloud-certification-schemes-metaframework). The rest of this article will take a look at just some of those 27 security objectives as an aid to helping you select your cloud services providers.

Cloud security objectives when selecting a cloud services provider

This list is the full 27 (title and brief description) in the ENISA CCSM and should give you a flavor of the potential complexity involved in evaluating your suppliers from a security perspective. Of course a full evaluation will cover a number of other areas, such as functionality, value for money and relevant experience. This list has not been prioritized to reflect the issues which you evaluate as more or less important in the specific circumstances, such as the risk appetite, applicable to your organisation.

The text that follows is all sourced from the CCSM document.

  1. Information security policy. Cloud provider establishes and maintains an information security policy.
  2. Risk management. Cloud provider establishes and maintains an appropriate governance and risk management framework, to identify and address risks for the security of the cloud services.
  3. Security roles. Cloud provider assigns appropriate security roles and security responsibilities.
  4. Security in Supplier relationships. Cloud provider establishes and maintains a policy with security requirements for contracts with suppliers to ensure that dependencies on suppliers do not negatively affect security of the cloud services.
  5. Background checks. Cloud provider performs appropriate background checks on personnel (employees, contractors and third party users) if required for their duties and responsibilities.
  6. Security knowledge and training. Cloud provider verifies and ensures that personnel have sufficient security knowledge and that they are provided with regular security training.
  7. Personnel changes. Cloud provider establishes and maintains an appropriate process for managing changes in personnel or changes in their roles and responsibilities.
  8. Physical and environmental security. Cloud provider establishes and maintains policies and measures for physical and environmental security of cloud data centres.
  9. Security of supporting utilities. Cloud provider establishes and maintains appropriate security of supporting utilities (electricity, fuel, etc.).
  10. Access control to network and information systems. Cloud provider establishes and maintains appropriate policies and measures for access to cloud resources.
  11. Integrity of network and information systems. Cloud provider establishes and maintains the integrity of its own network, platforms and services and protects them from viruses, code injections and other malware that can alter the functionality of the systems.
  12. Operating procedures. Cloud provider establishes and maintains procedures for the operation of key network and information systems by personnel.
  13. Change management. Cloud provider establishes and maintains change management procedures for key network and information systems.
  14. Asset management. Cloud provider establishes and maintains asset management procedures and configuration controls for key network and information systems.
  15. Security incident detection and response. Cloud provider establishes and maintains procedures for detecting and responding to incidents appropriately.
  16. Security incident reporting. Cloud provider establishes and maintains appropriate procedures for reporting and communicating about security incidents.
  17. Business continuity. Cloud provider establishes and maintains contingency plans and a continuity strategy for ensuring continuity of cloud services.
  18. Disaster recovery capabilities. Cloud provider establishes and maintains an appropriate disaster recovery capability for restoring cloud services provided in case of natural and/or major disasters.
  19. Monitoring and logging policies. Cloud provider establishes and maintains systems for monitoring and logging of cloud services.
  20. System tests. Cloud provider establishes and maintains appropriate procedures for testing key network and information systems underpinning the cloud services.
  21. Security assessments. Cloud provider establishes and maintains appropriate procedures for performing security assessments of critical assets.
  22. Checking compliance. Cloud provider establishes and maintains a policy for checking compliance to policies and legal requirements.
  23. Cloud data security. Cloud provider establishes and maintains appropriate mechanisms for the protection of the customer data in the cloud service.
  24. Cloud interface security. Cloud provider establishes and maintains an appropriate policy for keeping the cloud services interfaces secure.
  25. Cloud software security. Cloud provider establishes and maintains a policy for keeping software secure.
  26. Cloud interoperability and portability. Cloud provider uses standards which allow customers to interface with other cloud services and/or if needed migrate to other providers offering similar services.
  27. Cloud monitoring and log access. Cloud provider provides customers with access to relevant transaction and performance logs so customers can investigate issues or incidents when needed.

Summary and next steps

It is recommended that you evaluate how to deploy this list of security objectives to best meet the needs of your own organisation. If you have not already, open the conversation about cloud security with your suppliers or potential suppliers. Challenge them to satisfy you in terms of their ability to meet these objectives, in particular whether they can offer one or more of the 11 certifications to which the CCSM is mapped. If they are not willing to do that, it may be time to start looking for another supplier. While you are doing all that, you may even enjoy listening to Joni Mitchell.

By Dr Peter Tobin

My Office News Ⓒ 2017 - Designed by A Collective