The European Commission announced a list of cloud...
The European Commission announced a list of cloud security certification schemes. One obstacle to uptake of cloud computing is worry about the security of systems in the cloud, Digital Agenda Commissioner Neelie Kroes wrote on her blog Monday (bit.ly/eadjGs). Although cloud computing can make systems safer, there are still valid questions about whether data will stay confidential and available and maintain their integrity, she said. Many of the concerns can be resolved by proper certification mechanisms that are transparent and customer-centered, she said. Such systems can’t offer a 100-percent guarantee, but do provide a framework to assess and mitigate risks. There are certification services on the market for network and information security, and some are relevant to the cloud, Kroes said. As part of its cloud strategy, the EC worked with the European Network and Information Security Agency (ENISA) and industry to learn how existing certification systems could help potential cloud users decide how secure different solutions are, she said. There are now several certification schemes for the cloud (bit.ly/1hKhEn5), all vetted by ENISA, Kroes said. This is just the first step and more certification systems will be added, she said.