cloud on keyboard
Weighing the benefits: CAM compares cloud providers

Cloud consortium appeals for help

New Common Assurance Metric initiative aims to help users put their trust in the security of cloud providers

Written by Caroline Donnelly

CRN, 12 Feb 2010

Common Assurance Metric (CAM), a global initiative aimed at verifying the quality of security offered by cloud providers, is on the hunt for collaborators.

The newly launched consortium has tasked itself with establishing a system to help end users make “objective comparisons” between cloud providers based on the level of security they offer.

Already, 25 organisations have signed up for the project, including Google, Ama­zon and Microsoft, and the existing members are keen to attract more.

Brian Honan, principal consultant at CAM member BH Consulting, said the invitation is open to any firm that wants to show how seriously it takes cloud security.

“It is a collaborative effort between stakeholders with no one firm taking the lead,” explained Honan.

“The fact we already have some recognised players on board is a good indicator of how serious the industry is about cloud security.”

The group hopes to have a framework in place for this classification system by the end of the year, said Honan, with members taking an active role in driving its adoption among third-party and internal cloud providers.

He said: “We hope members will set an example by implementing the system to make people aware that it exists and that, in turn, will encourage other organisations to take it on.”

Andy Burton, chairman of the Cloud Industry Forum (CIF), said he supports what the consortium is trying to achieve, but has reservations.

“We would want assurances that what they are trying to achieve would be certifiable, vendor agnostic and supported by a proper corporate governance mo­del,” he said.

Val Bercovici, new chairman of the Storage Network­ing Industry Asso­ciation’s (SNIA) Cloud Storage Init­iative, said legal issues could also put people off.

Bercovici explained: “It needs to be clearly established where responsibility will fall should a [high-rating] cloud provider fail to provide the level of service this system says it does.”

Bob Tarzey, service director at market watcher Quocirca, said the project should
help to reassure more nervous adopters of cloud-based services.

He added: “They have said upfront that these assurances will also be applicable to internally hosted systems, which underlines the point that the security issues are less to do with cloud computing per se, but more to do with opening up any
computing resource to remote users.”

  • Have your say
  • Send to a friend
  • Share
  • Print

See also:

reader comments

related articles

cloudy skiesCloud Computing

CIF strives for clearer skies in cloud computing market

Cloud Industry Forum is drawing up a code of conduct to help firms get their heads around cloud concept 08 Jan 2010

 
Software

CIF demands cloud regulation

Newly formed body striving for code of conduct to help end users identify reputable cloud providers 04 Nov 2009

Legal

Cloud body seeks VAR feedback

The Cloud Industry Forum (CIF) wants channel firms to pass judgement on document aimed at regulating service providers 28 Apr 2010

Cloud Computing

Cloud computing tipped to take off in 2010

The increasing take-up of cloud services could be a boon for VARs ready to embrace the trend 14 Jan 2010

Software

Open source organisations merge

OW2 and OSA combine forces to promote open source software 01 Oct 2009

latest news

Ingram sales up more than a quarter in Q2

Distribution giants enjoys healthy sales growth as profits more than double 30 Jul 2010

FAST launches three-pronged attack on piracy

Organisation joins forces with Trading Standards teams in Cardiff, Southampton and the Royal Borough of Windsor and Maidenhead to stamp out illegal software use 30 Jul 2010

Avisen grows sales threefold after shopping spree

Buy-and-build firm completes integration of six acquisitions as annual revenue grows to £7.2m 30 Jul 2010

More news

analysis and reports

A study into the UK managed IT services sector
This report presents the findings of the research, within the context of the wider market trends impacting the IT services sector.

Blackhat SEO: inside fake anti-virus
This paper provides insight into where FakeAV (or scareware) comes from, what happens when a system is infected, and how users can protect themselves.

poll

Two-horse race?

Two-horse race?

Can HP challenge Cisco's dominance in the networking arena?

View poll results

cloud computing

CRN Chatroom: Embracing the Cloud in the Channel

This CRN Chatroom, in association with IBM, looks at the impact of cloud computing on the channel and the benefits it can offer to resellers

David Hobson

In the Studio with CRN: VARs lift lid on ADSI

CRN finds out more about the UK IT security channel's first governing body

More CRN TV

events

virtual datacentre

CRN Briefing: Demystifying virtualisation and the datacentre

Join CRN at this exclusive briefing event taking place on Thursday 5 August, in association with Ingram Micro and Cisco.

CRN Golf Challenge 2010

Join us at the exclusive Foxhills Golf Course on Tuesday 7th September for the eighth annual golf challenge

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Primary Navigation