11 August 2011 16:09:27
Industry experts often cite security risks as the biggest concerns in the minds of chief information officers and IT professionals when considering switching to cloud computing. Because the technology is relatively new and many people aren't entirely sure how it works, these fears impede many businesses from taking advantage of the cost-effective innovation.
Security fears are one of the biggest hurdles the cloud industry will have to surpass to reach the International Data Corporation's projections. According to the IDC, the cloud will increase from a $3.8 billion industry this year to $6.4 billion by 2014.
To combat these fears, the Cloud Security Alliance recently announced the creation of the Security, Trust and Assurance Registry, InfoSecurity reports. According to the website, cloud providers will be able to apply for listing in STAR to prove their compliance to the security practices of the industry.
The website states cloud providers can either submit a Consensus Assessments Initiative Questionnaire, or a Cloud Controls Matrix. The former establishes standard industry methods of documenting cloud security controls. The questionnaire, which contains a set of more than 140 inquiries, acts as a guide of sorts for consumers to assess the security of prospective cloud providers, while providing a comprehensive outline for cloud auditors, the website adds.
The Cloud Controls Matrix is a framework of security concepts and principles in line with CSA guidance, InfoSecurity reports. Through the Matrix, businesses, individual consumers and organizations will have a more clear-cut, detailed, structured and standard template of CSA information security standards, as well as how closely cloud providers follow these standards.
STAR is scheduled to be available toward the end of this year, the source adds. Cloud providers are encouraged to prepare their choice of the two compliance options to submit to the CSA.
PCWorld recently published an article explaining how a study from TheInfoPro, a subsidiary of The 451 Group, found more than half of 109 enterprise professionals surveyed believed fears of the change to the cloud need to be put to rest before a successful transition could occur.
Some of this may be the result of the growing trend of data breaches, as the Identity Theft Resource Center cites more than 3.5 million sensitive records exposed in the business sector alone since January 1. While the idea of change during a trend such as this one seems scary, the cloud has not been proven to be particularly less secure than traditional IT infrastructures.
-McAfee Cloud Security