Windows LiveWindows Live
 
 
Seaton's profileThe Emerging Business Ad...BlogLists Tools Help

Blog
    October 23

    Microsoft and Google Highlight the Difficulty in Finding a 'Standard of Care' in the Clouds

    The Redmond-based software giant, Microsoft, Corp., (MSFT), announced today that it will be getting its suite of hosted messaging and collaboration products certified to the ISO 27001 international standard for information security.  Interestingly, Google, Inc., in a similar move has decided to get its suite of products certified by the Federal Information Security Act (FISMA) for much the same reason.  The move by the two competing firms is to reassure an increasingly doubting public that operating a business in "the Cloud" is safe and secure (and as a way of trying to win over the U.S. government market as well).  The takeaway from all of this is - which company/standard do you believe?  VP of MSFT Federal, Ms. Teresa Carlson, stated that "FISMA is outdated. It is largely a paper-based exercise. We want to take it up a notch."
     

    The ISO 27001 standard is managed by the international standards body ISO and the International Electrotechnical Commission. To get certified under the standard, Microsoft will need to show that its physical, logical, process and management controls for protecting its suite of cloud services meet a rigorous set of audit criteria.  Though the ISO 27001 standard is widely recognized internationally, it has failed to gain much traction in the U.S.  "Within the federal market, it is a cultural issue," Bill Billings, chief security officer of MSFT Federal, said. "This is really about making them feel comfortable about their partnership with Microsoft." 

    So the question now becomes, will it be totally impossible for a standard of care in cloud computing, or hosted services for that matter, to be determined since it appears that the two largest players in the industry are going along to different paths?  Is it feasible to think that they, and other providers (i.e. Amazon), can even come to the table and agree on a standard?  What is obvious, is that now the line has been drawn in the sand, and a battle over which standard the consumers believe is better will be waged.  The outcome will be determined on who "wins over" the trust of consumers as the "Cloud" becomes an everyday part of the business landscape.

    To read more about this, please click here:  Microsoft Wants ISO Security Certification for its Cloud Services

     

    10:17 AM | Blog it

    Comments

    Please wait...
    Sorry, the comment you entered is too long. Please shorten it.
    You didn't enter anything. Please try again.
    Sorry, we can't add your comment right now. Please try again later.
    To add a comment, you need permission from your parent. Ask for permission
    Your parent has turned off comments.
    Sorry, we can't delete your comment right now. Please try again later.
    You've exceeded the maximum number of comments that can be left in one day. Please try again in 24 hours.
    Your account has had the ability to leave comments disabled because our systems indicate that you may be spamming other users. If you believe that your account has been disabled in error please contact Windows Live support.
    Complete the security check below to finish leaving your comment.
    The characters you type in the security check must match the characters in the picture or audio.

    To add a comment, sign in with your Windows Live ID (if you use Hotmail, Messenger, or Xbox LIVE, you have a Windows Live ID). Sign in


    Don't have a Windows Live ID? Sign up

    Trackbacks

    The trackback URL for this entry is:
    http://seatondalylaw.spaces.live.com/blog/cns!64FE6A103972B89!273.trak
    Weblogs that reference this entry
    • None