Cloud Standards Customer Council - Emerging Cloud Security Standards

The current landscape for information security standards specifically targeted for cloud computing environments is best characterized as immature but emerging. This space is still very much in its infancy stage but there are several standards initiatives that have recently been started that plan to deliver formal specifications in the 2014/2015 time frame. 

In the interim, there is are number of general IT security standards that are applicable to cloud computing environments that customers should be aware of and insist that their cloud service providers support. When finalized, the cloud specific security standards will provide more detailed guidance and recommendations for both cloud service customers and cloud service providers. As customers transition their applications and data to use cloud computing, it is critically important that the level of security provided in the cloud environment is equal to or better than the security provided by their traditional IT environment. Failure to ensure appropriate security protection could ultimately result in higher costs and potential loss of business thus eliminating any of the potential benefits of cloud computing. This report focuses primarily on information security requirements for public cloud deployment since this model introduces the most challenging information security concerns for cloud service customers. Which cloud standards will have the greatest impact on on the future of cloud security? Share your comments here at the Cloud and Cyber Security Center.