I had the opportunity today to sit in on the Cloud Security Alliance (CSA) Summit at the RSA 2011 security conference. Throughout the presentations, there was a resounding theme regarding security in the cloud: trust.
My colleague Arthur Cole is correct in this assessment:
Everyone wants the scalability and flexibility that cloud architectures have to offer.
The thing is, people want the cloud, but they don't exactly trust security in the cloud. There is a lot of uncertainty on how security should work, where it should work and if the old ideas we have of security will mash up with new approaches to technology.
One approach to building this trust is the RSA Cloud Trust Authority. By enabling visibility and control over identities, information and infrastructure, the RSA Cloud Trust Authority will foster the trust necessary for organizations to adopt cloud computing for mission-critical applications and sensitive information. Organizations will be able to work with the Cloud Trust Authority to help manage relationships with cloud service providers. The hope is that this will help create more streamlined security methods and improve enterprise and public trust in cloud computing.