Google signs up for Cloud Security Alliance
Google has joined the Cloud Security Alliance, plugging a major gap in the organisation's membership.
The search giant, which announced its membership on Friday, was one of three cloud-computing leaders missing when the trade organisation launched in April 2009. Of the other two, Microsoft has since signed up, but Amazon has not.
The Cloud Security Alliance (CSA) is dedicated to promoting best practises for and awareness of cloud-computing security, which has emerged as a potential barrier to adoption among businesses. It counts Cisco, Dell, Novell, CA, VMware and RSA among its 34 corporate members.
Writing on Google's enterprise blog, Google's senior product marketing manager Adam Swidler said that the alliance is an "important part of an ecosystem that works to increase transparency, lower risks and promote independent research".
"The CSA's focus on security best practices offers valuable information to organisations looking to move to the cloud. We look forward to providing ongoing education about cloud computing and its value to the organisations that use it," Swidler wrote.
The signing up of Google is an landmark for the alliance, which is trying to expand its presence globally. Last week the CSA tried to stimulate discussion of a possible certification for cloud security, which would set common standards for suppliers. However, that is also the aim of a project launched in February to set a Common Assurance Metric for the cloud, under the guidance of a consortium that includes Google, Microsoft, Amazon and other members of the CSA.
Security in the cloud remains an issue for enterprises concerned about how the use of cloud services affect data protection and compliance. Security vendor Trend Micro has already warned of new threats emerging from the adoption of cloud computing, while Enisa, the EU agency responsible for promoting IT security good practice, has warned businesses to exercise caution in the procurement of cloud services.
In December, the CSA updated its guidance on the areas of security focus organisations should take. One of the major updates to the guidance was to include experience gained from actual deployments over the last six months.