Why security standards are Critical for the Cloud

Everyone loves standards, right? When is the last time you heard a vendor proudly say that their product or service was closed and proprietary? However, it also seems that every time a new IT architecture sweeps through the market, this time one based on cloud models, the lessons of the critical value of standards needs to be relearned.

While it is easy to poke fun at standards by saying such things as “I love standards because there are so many from which to choose,” it is also easy to see the incredible value that they can unlock. Look at the Internet itself as an example. It is hard to imagine the cloud reaching its potential without it using a set of widely adopted standards – security and otherwise.

In the context of this blog when I refer to security standards, I am talking about security interface standards (basically cloud security APIs) that enable security systems in one domain, whether in a cloud service or in an on-premise enterprise system, to communicate and inter-operate programmatically with security systems in other domains.

The absence of such standards drives the use of customized integrations which have been the bane of IT agility since the beginning of modern computing.

Why is it that everyone loves standards in concept, including those for security, but often standards definition and deployment is less than speedy? Why doesn’t everyone involved just pull together and solve this obvious problem now, instead of waiting until we are all suffering from lack of standards?

While this is a general issue with standards, let’s look at this issue through the lens of the emerging public cloud-based services (public IaaS, PaaS, & SaaS). There are both rational and less rational reasons why standards are developed and used at a rate slower than they should be for maximum benefit. Continue reading…

Related Posts

5 Reasons Why the US Domain Seizures Are Unconstitutional Last week, Bryan McCarthy, the 32-year-old operator of ChannelSurfing.net, was arrested on charges of criminal copyright infringement. This arrest has...
EU laws already protect the open Internet: let’s enforce them now to stop the rise o... There’s a sign in a street near the Skype office which reads: I can’t understand why people are afraid of new ideas. I’m frightened of the old ones. ...
Humanitarian Free and Open Source Software The Relevance of IT for Humanitarian Response The humanitarian response domain aims to help save lives and alleviate human suffering in responding ...
Why I will not buy Google’s Cr-48 Chrome Notebook The Cr-48 is Google's cloud-based notebook computer. It was announced just this week, and is being made available to a select few. In computer-speak, ...
Bringing the ‘social’ out of the operator walled gardens A ‘walled garden’ is the term aptly applied to the last decade of mobile operator services. And Facebook is the generic name aptly applied to the soci...
EFF Brief: “Privacy” Protections for Corporations Undermines Government Transp... EFF and a coalition of public interest groups urged the U.S. Supreme Court in an amicus brief Tuesday to reject so-called "privacy" protections for co...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*