Fergus Kennedy, head of compliance and information systems, Pulsant
The cloud industry was revolutionised in September this year with the announcement of the first independently audited cloud security certification. It is exactly what the industry needs – transparency and clarification for cloud users (and potential adopters).
The cloud space can be daunting and for those thinking of adopting cloud or using a different provider for their needs, there are a lot of issues that need to be addressed. At the top of that list is the million dollar question: Will my data be safe?
There are a number of great cloud providers in the industry many of whom offer very strong solutions, but what assurances do cloud users have in terms of security? The BSI security standard – ISO 27001 control set – is a good place to start. However, it doesn’t focus on specific cloud issues.
Enter STAR – the new certification that builds on both ISO 27001 and the CSA cloud control matrix. The certification was developed to help cloud users make sense of a cloud provider’s security capabilities and add a measure of assurance to the decision-making process.
We’re incredibly proud that we are one of the first companies to be awarded the STAR certification (only two cloud providers have achieved the certification so far). We worked with the CSA and BSI as part of the pilot programme and underwent the entire process – achieving Silver Status based on the maturity of our security controls.
For our customers this certification it is an additional assurance that we can provide the best, most appropriate and secure cloud product to suit their needs – our clients can be certain that we have the necessary measures in place to secure their business data. For the industry at large it inspires confidence as it gives cloud providers something tangible to hang their hats on and brings that added measure of transparency.
The certification has certainly come at the best time for the maturing cloud industry, and in the future we’ll see STAR and similar certifications in similar areas challenging providers to continually improve their offerings, strengthen their products, and elevate cloud standards to new heights.