RSA promotes trust in the cloud

Stephen Withers
Monday, 19 September 2011 17:29

Business IT - Security

RSA's Cloud Trust Authority is intended to make it easier for cloud users to be sure their providers are taking the security precautions they claim.

Some of the major barriers to the adoption of cloud computing involve trust and security. Part of the problem is that even if the parties are prepared to exchange information, the many-to-many relationships mean a lot of work.

A common hub would simplify matters, then each provider and customer could work with a single set of interfaces. That's what EMC subsidiary RSA proposed earlier this year as the Cloud Trust Authority (CTA).

The company describes the CTA as "is a set of cloud-based services for identity, information, and infrastructure cloud security as well as compliance reporting designed to facilitate secure interaction among organisations and cloud service providers."

David Walter, RSA's senior director, GRC (governance, risk and compliance) strategies and solutions told iTWire that in addition to wanting access to compliance-related information from their cloud providers, organisations also want to apply their existing role and group controls into the cloud, and so the company is working with VMware via the CTA to allow this.

CTA is currently setting up trials involving various providers and a small number of mainly US or EMEA based customers, and the project will reach the proof of concept stage this quarter, he said. General availability of the service is expected during 2012.

Page 2: Smaller providers more willing to share.