What if there were widely accepted standards for cloud security and, better yet, a universally recognized designation for “trusted” cloud providers?
The basic promise of cloud computing is undeniably appealing: Increase efficiency and reduce cost by taking advantage of flexibly pooled computing resources managed by somebody else.
Indeed, as Bill Brenner of CSO put it, “Given how expensive it is to maintain in-house hardware and software, the idea of putting one’s IT infrastructure in the cloud sounds downright heavenly.”
Unfortunately, this “heavenly” scenario is marred by real concerns about security – concerns which can range from network security basics like data integrity and identity management to abstruse questions of “local law and jurisdiction where data is held.”
Yes, cloud computing is changing everything from data center architecture to entire business eco-systems. However, as a new paradigm the many complex questions it poses, particularly when it comes to issues of security, governance, and compliance, are effectively preventing (or at least slowing) its widespread adoption.
So how would a Cloud Security Certification, such as that being proposed by the Cloud Security Alliance (CSA) help matters? Continue reading.