RSA Conference analysts: Be careful with cloud contracts

A recent panel at the RSA Conference 2011, comprised of lawyers, told the audience to be careful when dealing with contracts with cloud vendors.

According to Scott Blackmer, a founding partner at InfoLawGroup, LLP, companies should not be simply clicking through a service provider’s contract without first negotiating it. Companies must perform their due diligence and governance inspections in regards to these contracts.

If companies do not, “it’s likely going to haunt you,” Blackmer told the crowd.

Thomas Jackson, a partner at Phillips Nizer, told the audience that legal and compliance issues cannot be put on the cloud vendor; instead, it’s up to the companies themselves to make sure the service provider’s offering is appropriate and in line with their industry’s rules and regulations first.

With security regarding the managed IT service remaining a top priority of many company CIOs and IT workers, taking time to fully inspect and evaluate contracts can serve as large first step toward ensuring the best security practices are in place.