csc.com / Ronald B. Knode has published a whitepaper about Digital trust in the cloud. We think this is interesting as we see how many of the problems can be solved by InfraSight Labs rule-based analysis. Download the whitepaper here.
“Whatever sample of cloud processing problems and risks are used, the sources of enterprise
reluctance to engage in cloud usage can be parsed into three main “lacks”:
1. Lack of standards. All clouds are different. Each one must be investigated and
analyzed to understand its capabilities and weaknesses. The technical basis for digital
trust9 must be created for each cloud.
2. Lack of portability. Every cloud creates its own processing climate. Any digital trust
obtained by one cloud environment does not transfer to any other.
3. Lack of transparency. All clouds are opaque. Neither technology nor process is easily
visible. It is almost impossible to generate digital trust when transparency is absent.
And, while all three have some security contribution, it is the third “lack” – i.e., the lack of
transparency – that contributes most to the enterprise anxiety about cloud security. This lack of
transparency makes digital trust hard to create, and enterprise-class payoffs hard to collect.”