BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
• Are cloud computing users allowed to view the cloud provider's third-party audit reports?
• Are the results of internal and external audits available to users at their request?
• Does the cloud provider conduct network penetration tests of its cloud service infrastructure regularly as prescribed by industry best practices and guidance?
• Does the provider have the ability to logically segment or encrypt customer data so that, in the event of a subpoena, data may be produced for a single user only, without inadvertently accessing another data?
• Can the cloud provider logically segment and recover data for a specific customer in the case of a failure or data loss?
• Is the cloud provider able to sanitize all computing resources of user data once a customer has exited a particular cloud?
• Does the cloud company provide documentation that describes scenarios where data may be moved from one physical location to another?
• Does the provider encrypt user data at rest (on disk/storage) within its environment?
• Does the cloud provider use encryption to protect data and virtual machine images during transport across and between networks?
• Does the provider have anti-malware programs installed on all systems that support the cloud service offerings?
Source: Cloud Security Alliance
While cloud computing may seem vague and confusing, the National Institute of Standards and Technologies recently completed a working definition for the term after years of work and 15 drafts.