The Trustworthy Computing blog provides perspectives on the security, privacy and reliability topics relevant to organizations, with a particular focus on cloud computing and the evolution of the IT environment.
Read more about the Trustworthy Computing blog >
We want to hear what you have to say. Please send us comments and ideas for future posts.
IEEE Symposium on Security & Privacy
San Francisco, CA
May 20-23, 2012
More info
View all events >
Microsoft Security Blog Microsoft Security Response Center Security Research & Defense Microsoft Malware Protection Center Security Development Lifecycle Security Tips & Talk Microsoft Privacy and Safety Data Privacy Imperative MS Datacenters Microsoft Office 365 Windows Azure Microsoft on the Issues
Posted by: Tim Rains, Director, Trustworthy Computing
Benchmarks and evaluation standards for cloud computing security is a topic that is top of mind for many organizations that are evaluating the potential uses of this new computing paradigm. Many of the customers I have talked to say they would benefit from standard evaluation criteria for cloud service providers. Many customers are trying to find an adequate method to communicate potential risk to internal and external auditors. Some customers are interested in using the European Network and Information Security Agency’s (ENISA’s) set of evaluation criteria for cloud service providers as a potential baseline for future cloud provider assessments, while other customers are looking to ISO 27001 or a future ISO standard that specifically addresses cloud computing technology, and others are looking at the potential of the Cloud Security Alliance’s Security Trust and Assurance Registry (STAR).
As I mentioned in my last article, Microsoft is collaborating very closely with the industry on drafting standards and baselines for cloud service providers. Laura Posey, a Senior Security Strategist in Trustworthy Computing at Microsoft, has been involved in this process. Please watch this latest video in the Trustworthy Computing Cloud Fundamentals Video Series where I discuss standards for cloud computing security with Laura.
If you haven’t seen the other videos in this series, you can check them out below:
Cloud Fundamentals Video Series
Please check back on this blog regularly as we continue the Cloud Fundamentals Video Series and explore topics that are top of mind for IT professionals related to cloud security, privacy, and reliability.