Story image

CipherCloud heads up cloud security open working group

30 Jun 2015

The cloud access security broker space is still emerging, with standards yet to be fully defined. However, this space is recognised as the fastest-growing segment of cloud security.

In order to define protocols and best practices for implementing cloud data security as a part of the CASB framework, CipherCloud and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group.

Deloitte, InfoSys, Intel Security, SAP and other companies will also contribute.

The Cloud Security Open API Working Group will provide guidance on vendor-neutral data-security implementation to help accelerate cloud services adoption.

The working group also plans to produce API specifications and a reference architecture to guide cloud data protection.

Collaboration on these guidelines will also further accelerate security integrations across multiple clouds and with third-party technologies.

The initiative will enable enterprises to leverage standards-based APIs to protect data via encryption, tokenization and other technologies across cloud environments, helping eliminate the need for custom integration for each cloud.

"Standards are an important frontier for the cloud security ecosystem," says Jim Reavis, CSA CEO.

"The right set of working definitions can boost adoption. This working group will help foster a secure cloud-computing environment - a win for vendors, partners and users.

“Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications," Reavis says.

"Cloud is the killer app for security innovation. But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security," says Pravin Kothari, CipherCloud founder and CEO.

“Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in CASB, we are excited to co-lead this initiative with CSA to accelerate security across clouds," he says.

Jeff Margolies, Deloitte & Touche LLP principal, says, "Enterprises and governments are struggling with the challenge of how to manage their cyber risks as they move data and compute to the cloud.  

"Currently the cloud security ecosystem lacks basic integration standards for connecting third-party security solutions to cloud applications, platforms and infrastructure. 

“By bringing together vendor, channel and customer constituents, this working group plans to provide clarity on leading practices for integration, critical to continued cloud adoption."

Nayaki Nayyar, SAP senior vice president cloud for customer engagement, believes customers will be the ultimate beneficiaries of these standards.

"A clear set of cloud security standards and best practices will help enable organisations to reap the benefits of the cloud in less time with added assurance that their data is secure," she says.

"With enterprises scaling their use of hybrid cloud solutions to drive their business, the role of interoperable cloud security based on standard APIs is critical," says Curt Aubley, Intel vice president and Data Center Group CTO.

"Intel is committed to working with the industry to develop the foundation for interoperable cloud security and applauds CSA's continued leadership within this arena," he says.

Working group activities will formally commence in early July upon completion of the CSA corporate member subject matter expert review. 

Red Hat expands integration product capabilities
Adds end-to-end API lifecycle support and new capabilities for agile integration across hybrid architectures.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
BMC adds IBM Cloud, Watson to Helix solution
BMC Helix with IBM Watson delivers cognitive insights across structured and unstructured federated knowledgebases.
Hyundai works with IBM to create a new blockchain-based platform
The network for commercial financing will supposedly provide participants with a single view of all the transactions happening in the network.
Why businesses should invest in energy automation
In industrial applications digital transformation allows businesses to do more with less.
NZ Cricket ups data analytics game with Qrious
The Black Caps and White Ferns have implemented a data and analytics solution from Qrious to monitor and improve game strategy and player performance.
Gartner: Smartphone biometrics coming to the workplace
Gartner predicts increased adoption of mobile-centric biometric authentication and SaaS-delivered IAM.
IDC: A/NZ second highest APAC IoT spenders per capita
New IDC forecast expects the Internet of Things spending in Asia/Pacific excluding Japan to reach US$381.8 Billion by 2022.