Story image

CipherCloud heads up cloud security open working group

30 Jun 2015

The cloud access security broker space is still emerging, with standards yet to be fully defined. However, this space is recognised as the fastest-growing segment of cloud security.

In order to define protocols and best practices for implementing cloud data security as a part of the CASB framework, CipherCloud and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group.

Deloitte, InfoSys, Intel Security, SAP and other companies will also contribute.

The Cloud Security Open API Working Group will provide guidance on vendor-neutral data-security implementation to help accelerate cloud services adoption.

The working group also plans to produce API specifications and a reference architecture to guide cloud data protection.

Collaboration on these guidelines will also further accelerate security integrations across multiple clouds and with third-party technologies.

The initiative will enable enterprises to leverage standards-based APIs to protect data via encryption, tokenization and other technologies across cloud environments, helping eliminate the need for custom integration for each cloud.

"Standards are an important frontier for the cloud security ecosystem," says Jim Reavis, CSA CEO.

"The right set of working definitions can boost adoption. This working group will help foster a secure cloud-computing environment - a win for vendors, partners and users.

“Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications," Reavis says.

"Cloud is the killer app for security innovation. But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security," says Pravin Kothari, CipherCloud founder and CEO.

“Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in CASB, we are excited to co-lead this initiative with CSA to accelerate security across clouds," he says.

Jeff Margolies, Deloitte & Touche LLP principal, says, "Enterprises and governments are struggling with the challenge of how to manage their cyber risks as they move data and compute to the cloud.  

"Currently the cloud security ecosystem lacks basic integration standards for connecting third-party security solutions to cloud applications, platforms and infrastructure. 

“By bringing together vendor, channel and customer constituents, this working group plans to provide clarity on leading practices for integration, critical to continued cloud adoption."

Nayaki Nayyar, SAP senior vice president cloud for customer engagement, believes customers will be the ultimate beneficiaries of these standards.

"A clear set of cloud security standards and best practices will help enable organisations to reap the benefits of the cloud in less time with added assurance that their data is secure," she says.

"With enterprises scaling their use of hybrid cloud solutions to drive their business, the role of interoperable cloud security based on standard APIs is critical," says Curt Aubley, Intel vice president and Data Center Group CTO.

"Intel is committed to working with the industry to develop the foundation for interoperable cloud security and applauds CSA's continued leadership within this arena," he says.

Working group activities will formally commence in early July upon completion of the CSA corporate member subject matter expert review. 

Why businesses should ban email attachments
"When people are working from an outdated version of a document, they can waste time, make errors, and potentially risk the success of the project they’re working on."
IRD issues more than $80 million of refunds in one week
The first two batches of automatic tax assessments have been successfully issued by Inland Revenue.
Transformation of industry verticals through 5G – Frost & Sullivan
5G has the potential to transform industry verticals through indoor connectivity, but certain key verticals will experience stronger growth than others.
AWS announces the general availability of AWS Ground Station
Once customers upload satellite commands and data through AWS Ground Station, they can supposedly download large amounts of data over the high-speed AWS Ground Station network.
Citrix to extend Workspace to Google Cloud
“In expanding our partnership with Citrix, we can better help these customers with their transformations by enabling them to access and run the applications their businesses depend on anywhere—simply, flexibly and securely.”
Hybrid cloud security big concern for business leaders
A new study highlights that IT and security professionals have significant concerns around security for hybrid cloud and multi-cloud environments.
GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared.