A Platinum Idea from the Open Data Center Alliance - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud // Software as a Service

A Platinum Idea from the Open Data Center Alliance

In the absence of widely adopted standard definitions for security requirements, cloud subscribers must do a lot of homework to compare one provider's offerings to another's and to determine exactly what they are getting in terms of security.

Without industry standards for measurements, it would be difficult to compare the fuel efficiency of different models of cars. Different manufacturers would likely use different tests under different conditions. Consumers would be left with a lot of apples-to-oranges comparisons, making it difficult to understand the true fuel efficiency of different models.

Today the same is true-only more so-for people shopping for cloud services. In the absence of widely adopted standard definitions for security requirements, cloud subscribers must do a lot of homework to compare one provider's offerings to another's and to determine exactly what they are getting in terms of security.

The Open Data Center Alliance is working to remove a lot of this uncertainly by promoting the adoption of its new Provider Security Assurance Usage Model. The model represents the collective voice of hundreds of global businesses in the ODCA, a consortium that develops and promotes usage models for cloud and next-generation data centers.

The Provider Security Assurance Usage Model defines standard definitions for security levels in cloud environments. These levels are expressed in terms of Bronze, Silver, Gold, and Platinum standards. This framework spans from basic security to the levels of security that are equivalent to those required by enterprises, financial organizations, and military organizations.

At Intel, we think the arrival of this usage model is an important step forward for both cloud subscribers and cloud providers. With the widespread adoption of standard definitions for security levels, cloud subscribers could more easily compare different service offerings and match the needs of different applications with an appropriate level of security. Cloud providers, in turn, would have a clearly understand mechanism for differentiating their service offerings.

An organization using cloud services might decide that the basic Bronze level of security is appropriate for certain web, file, and print applications, but that its mission-critical business applications and databases require the higher Silver or Gold standard.

In practice, the application of these new standards will be enabled be a wide range of technologies. These include Intel' Trusted Executive Technology (Intel TXT), a hardware security solution that protects IT infrastructures against software-based attacks by validating the behavior of key components within a server or PC at startup. For certain workloads-such as customer, billing, and financial information systems-Intel TXT will be essential.

One important caveat here: There is no panacea for security in the cloud. We're talking about a multi-layered problem that is solved with multi-layered security, beginning at the hardware level and rising up the stack from there. Many different technologies and products must work together in a complementary manner to deliver the appropriate level of security.

The good news is, the ODCA's standard definitions for security levels will make it a lot easier to understand the differences in security levels and to find the right security package for a particular application. While it won't be quite as easy as comparing the fuel efficiency of cars, comparing cloud security offerings will become a much more straightforward process.

For a deeper dive into this topic, download the Provider Security Assurance Usage Model from the Alliance site.

Dylan Larson is the Director of Server Platform Marketing at Intel. Dylan has 10 years of experience with Intel bringing new technologies to market.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Slideshows
Flash Poll