Jericho Forum and Cloud Security Alliance join forces to address Cloud Computing Security
London and San Francisco, May 27, 2009 – Jericho Forum, the high level independent security expert group, and the Cloud Security Alliance, a not-for-profit group of information security and cloud computing security leaders, announced today that they are working together to promote best practices for secure collaboration in the cloud. Both groups have a single goal: to help business understand the opportunity posed by cloud computing and encourage common and secure cloud practices. Within the framework of the new partnership, both groups will continue to provide practical guidance on how to operate securely in the cloud while actively aiming to align the outcomes of their work.
“This is good news for the industry” said Adrian Seccombe, CISO and Senior Enterprise Information Architect at Eli Lilly and Jericho Forum board member. “The Cloud represents a compelling opportunity to achieve more with less but at the same time presents considerable security challenges. For business to get the most out of it, this new development must be addressed responsibly and with eyes fully open. Working together we believe that the Cloud Security Alliance and Jericho Forum can bring clear leadership in this important area and dispel some of the hype and confusion stirred up in the cloud.”
“The Cloud represents a fundamental shift in computing with limitless potential. Solving the new set of risk issues it introduces is a shared responsibility of cloud provider and customer alike,” said Jim Reavis, Co-founder of the Cloud Security Alliance (CSA). “The Jericho Forum has shown early leadership in articulating and addressing the de-perimeterisation concept. We are proud to join forces with them to provide pragmatic guidance for safely leveraging the cloud today as well as a clear vision for a future of pervasive and secure cloud computing.”
Jericho Forum has lead the way for the last five years in the way de-perimeterisation is tackled and more recently in developing secure collaborative architectures. Last year the group published a Collaboration Oriented Architectures framework presenting a set of design principles allowing businesses to protect themselves against the security challenges posed by increased collaboration and the business potential offered by Web 2.0. The Cloud Security Alliance has engaged noted and well-recognised experts within crucial areas such as governance, law, network security, audit, application security, storage, cryptography, virtualization and risk management to provide authoritative guidance on how to adopt cloud computing solutions securely.
Both groups recently published initial guidelines for cloud computing. The Jericho Forum published a Cloud Cube Model designed to be an essential first tool to help business evaluate the risk and opportunity associated with moving in to the cloud. A video presentation of this is available on YouTube (see http://www.youtube.com/jerichoforum) and an accompanying Cloud Cube Model positioning paper is downloadable from the Jericho Forum Web site (http://www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf). At RSA in San Francisco, Cloud Security Alliance announced its formation and published an inaugural whitepaper, “Guidance for Critical Areas of Focus in Cloud Computing”, downloadable from http://www.cloudsecurityalliance.org/guidance/).
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by industry practitioners and supported by founding charter companies PGP Corporation, Qualys, Inc. and Zscaler, Inc. For further information, the Cloud Security Alliance website is www.cloudsecurityalliance.org
About Jericho Forum
Jericho Forum is an international IT security thought-leadership group dedicated to defining ways to deliver effective IT security solutions that will match the increasing business demands for secure IT operations in our open, Internet-driven, globally networked world. Members include many leading organisations from both the user and vendor community including IBM, Symantec, Boeing, AstraZeneca, Qualys, BP, Eli Lilly, KLM, Cap Gemini, Motorola and Hewlett Packard.
Drive and influence development of new architectures, inter-workable technology solutions, and implementation approaches for securing our de-perimeterizing world.
Support development of open standards that will underpin these technology solutions.
A full list of member organisations can be seen at http://www.opengroup.org/jericho/memberCompany.htm.
ZAG Communications for the Cloud Security Alliance