Novell and the Cloud Security Alliance (CSA) have joined forces to launch a cloud certification programme, which aims to provide best practice guidelines for hosted computing.
The vendor-neutral “Trusted Cloud Initiative” wants to bring together cloud providers to produce a set of standards covering cloud security, compliance and identity management. The body hopes that the new initiative will provide companies considering using the cloud with a trusted source for information regarding security, governance and control of data and IT assets.
The move should help accelerate adoption of cloud computing, according to Alan Boehme, SVP IT strategy and enterprise architecture, ING Americas, and current CSA board member.
“How identities are managed either in the cloud, or federated with the cloud, create significant barriers for enterprise adoption of cloud services,” he said. “By building a consensus security reference guide and certification roadmap, we are creating common ground for both enterprises and cloud providers, and expect to accelerate cloud adoption.”
The CSA is a non-profit organisation set up to drive cloud computing adoption by reducing concerns over security. Companies involved in the scheme include Microsoft, Dell, Rackspace, Qualys, HP, Intel, Cisco, McAfee, ISACA, DMTF and Symantec. These firms will provide certification criteria and seal and roadmap services.
“In traditional IT environments, the organisation controls its applications, servers, and storage infrastructure. However, the control architecture changes profoundly for public cloud offerings,” said Jim Reavis, executive director of CSA.
“When an organisation moves IT resources and sensitive data such as personal names, addresses, and phone numbers into the cloud, control and trust issues must be addressed through a trusted third-party certification programme. When Novell proposed the initiative, we immediately embraced the idea,” Reavis said.