Forum latest

Frustrations with cloud computing mount
Written by Daniel   
Friday, 09 April 2010 18:15

From ComputerWorld

Lack of standards, industry agreements get more attention as industry expands

Cloud computing users are shifting their focus from what the cloud offers to what it lacks. What it offers is clear, such as the ability to rapidly scale and provision, but the list of what it's missing seems to be growing by the day.

Cloud computing lacks standards about data handling and security practices, and there's not even any agreement about whether a vendor has an obligation to tell users if their data is in the U.S. or not. And users and vendors are only beginning to try to sort out those issues through industry associations, such as the year-old Cloud Security Alliance.

The cloud computing industry has some of the characteristics of a Wild West boom town. But the local saloon's name is Frustration. That's the one word that seems to be popping up more and more in discussions about the cloud, particularly at the SaaScon 2010 conference here this week.

That frustration about the lack of standards grows as cloud-based services take root in enterprises. Take Orbitz LLC, the big travel company with multiple businesses that offer an increasingly broad range of services, such as scheduling golf tee times and booking concerts and cruises.

Like many companies that have turned to the cloud, Orbitz is both a provider and user of cloud-based software-as-a-service (SaaS) offerings. Ed Bellis, chief information security officer at Orbitz, credits SaaS services, in particular, with enabling the company's growth and freeing Orbitz to concentrate on its core competencies.

But in providing SaaS services, Orbitz must address a range of due diligence requirements among customers that are "all across the board" and can vary widely to include on-site audits and data center inspections, he said.

A potential solution is a data standard being developed by the Cloud Security Alliance that would expose data in a common format and give customers an understanding of exactly "what our security posture is today," said Bellis.

If an agreement can be reached on such a standard "it would be heaven," said Bellis, and would "cut out a third of our internal work on due diligence." But he said he doesn't know when or if such a standard will be established, because it would take a lot of work to get a large number of users and providers to agree on it.


[More...] [Comment....]


See also

None found.

Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either