The co-chair of the group, Dominik Birk from Zurich Insurance, said the aim of the group was to define best practices that consider the legal, technical and procedural elements of responding to security incidents in the cloud in a forensically sound way. "This initial white paper represents a significant effort on behalf of numerous individuals and marks an important first step in conducting proper forensic investigations in cloud environments following a security incident,” he said. The group’s white paper ‘Mapping the Forensic Standard ISO/IEC 27037 to Cloud Computing’ is designed to help researchers, data governance experts and forensic practitioners define standardised processes for conducting forensic investigations, electronic discovery and other critical aspects of security in a multi-tenant, highly virtualised environment. The 30 page white paper looks at: forensic science and traditional digital forensics; the notion of cloud forensics; the forensic requirements for cloud service providers; the differences between cloud forensics and traditional forensics; and mapping ISO 27037 - an international standard that seeks to create a common baseline for the practice of digital forensics - to the cloud. It concludes: “In the short term, the cloud consumer bears the responsibility to ensure that CSPs selected for a particular purpose can respond appropriately to a forensic investigation. This is especially true because consumers ultimately suffer the loss from crimes in the cloud environment.” The white paper says that, when contracting for services with a CSP, “The customer should ensure that explicit language and SLOs are incorporated into the contract (as shown in the CSA Trusted Cloud Reference Architecture under the ‘Service Delivery’ domain) to ensure they can respond appropriately when the need to perform a digital investigation arises.” For CSPs, it says that integrating forensic capabilities into cloud offerings would increase transparency for the consumer and likely lead to greater revenue streams. “As more organisations become reliant on cloud computing for critical operations, we foresee that forensics will become a key motivator on choice of CSP. Additionally, as the cloud market matures, we foresee legal and regulatory changes that may shift duties to include, collaboratively, CSPs.” The Working Group intends to release another research paper entitled ‘Developing a Capability Maturity Model (CMM) for Incident Management and Forensics in Cloud Environments’ in Q4 2013. The CSA invites interested companies and individuals to support the group's research and initiatives.

var sc_project=8996751; var sc_invisible=1; var sc_security="b2a75fa5"; var scJsHost = (("https:" == document.location.protocol) ? "https://secure." : "http://www."); document.write("");

About BitCloud BitCloud is a leader in cloud services and managed IT services for growing and mid-market businesses. With over 17 years experience, BitCloud helps you run your business with:

  • Managed Cloud Services that save you time, improve productivity and reduce IT costs
  • End-to-end, scalable and managed IT services that grow with your business – no contracts
  • Custom Business Continuity Plans that give you added security and peace of mind
Get more out of your IT and get on the cloud with a free trial For more information: For more information: