CIF gets serious about security
Cloud group launches special interest group to address security concerns
The Cloud Industry Forum (CIF) is planning to address key cloud security concerns by launching a dedicated group.
Its Security Special Interest Group (SIG) is aimed at both end users and cloud service providers, created to provide clarity, insight and education on the security implications of cloud computing.
CIF's group will be chaired by Michael Darlington, technical director at Trend Micro, who can claim a 20-plus-year career in the security industry, including stints at firms such as Fujitsu and CSC.
Andy Burton, chairman of CIF, said: “Issues relating to data security and data privacy continue to dominate the mind set of corporate Britain as it transitions to the cloud. Our own research has found that security fears remain the greatest barrier to the pace of adoption, with 82 per cent of UK businesses expressing concern about data security, so it is vital that the industry takes the issue seriously. Cloud providers need to be clearer up front with their customers at communicating the approach to security that they provide, and what options are available to adapt this, without compromising security in the process.
“In addition, the language about classification of security risks and solutions needs to be communicated in a standardised way, allowing procurers to more easily compare and contrast different providers when making purchasing decisions. Tied to this is education among end users to ensure they are clear on what they need to look out for technically, commercially and legislatively to ensure data security when migrating to a cloud-based solution.”
Darlington added: “Security remains high on the agenda for cloud adopters, so this group has an incredibly valuable role to play in driving best practice, providing guidance and working to dispel much of the fear, uncertainty and doubt in the industry.
"Although the risks associated with cloud are not inherently greater than traditional IT, it does present a unique set of challenges that must be addressed and properly managed. Understanding the right balance of people, policy, processes and tools for different cloud-based environments will be one of the key objectives of our new SIG.”