Customers Demand Better Proof Cloud Computing

Prospective cloud customers are asking more questions about the security of their data in the cloud. “What I hear from customers is ‘how do I know my data is being protected by this cloud service?’” RSA’s Hartman says. They want to be assured that their sensitive data is protected, and they want to be able to demonstrate that assurance to their auditors and upper management. “If there were a widely accepted and reliable certification for this, it would be a great way to address those requirements [for customers],” Hartman says.

RSA has authored The Role of Security in Trustworthy Cloud Computing.Included in its recommendations are:

  • Policies for protecting data
  • Transparency of the cloud provider, enabling customers to see their logs and events (among other things)
  • Adoption of data encryption and masking, so that one customer’s data cannot be accessed by another customer of the cloud provider
  • Federated identity management

CSA has released a worthwhile document entitled Security Guidance for Critical Areas of Focus in Cloud Computing. There are many efforts centered around the development of both open and proprietary APIs which seek to enable things such as management, security, and interoperability for cloud. Some of these efforts include:

  • The Open Cloud Computing Interface Working Group
  • Amazon EC2 API
  • VMware’s vCloud API
  • Sun’s Open Cloud API
  • Rackspace API
  • GoGrid’s API

Open standard APIs will play a key role in cloud portability and interoperability as well as common container formats, such as the DMTF’s Open Virtualization Format (OVF).

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd Protection Status

Cloud Computing Topics