Cloud Security Alliance
Wednesday, March 3, 2010
Novell and the Cloud Security Alliance have announced a vendor-neutral “Trusted Cloud Initiative” for developing standards and certification of cloud security, compliance, identity management and other best practices…..The Cloud Security Alliance is a group of consultants, vendors, and cloud users that formed a non-profit group at the end of 2008 to address the lack of standards for cloud computing…..There are no defined levels of security in cloud computing, and it’s difficult to get a discussion going when one party can’t be sure of the terms that the other is using. The Trusted Cloud Initiative is aimed in part at creating a shared set of standards that can be verified by neutral third parties.
“By building a consensus security reference guide and certification roadmap, we are creating common ground for both enterprises and cloud providers, and expect to accelerate cloud adoption,” said Alan Boehme, senior VP IT strategy and enterprise architecture at ING Americas, a branch of the Dutch insurance conglomerate, in Monday’s announcement…..”Our customers need a visible seal of trust. We strongly believe education, clarity, and industry-approved security guidelines will propel the adoption of clouding computing” said Dipto Chakravarty, VP of engineering, Identity and Security unit at Novell…..Members of the Cloud Security Alliance include Microsoft, Dell, Rackspace, Qualys, HP, Intel, Cisco, McAfee, Salesforce.com, Symantec, the DMTF (formerly Distributed Management Task Force) standards body, and the Information Systems Audit and Control Association (ISACA)…..Nils Puhlmann, chief security officer at Zynga Game Network, a producer of online social games, including FarmVille, said the alliance will pay attention to other standards efforts and adopt them, whenever it can. “We are committed to aligning the Trusted Cloud Initiative with other standards efforts,” he said in the announcement. But the alliance will be responsible for “assembling the reference model and certification criteria from existing standards, and we we will complete it in 2010,” he said.