Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

IDA plans nation-wide cloud security standards

Jack Loo | Sept. 9, 2011
Regulatory agency wishes to ease cloud security concerns faced by users and potential adopters.

SINGAPORE, 9 SEPTEMBER - The Infocomm Development Authority (IDA) has urged the industry to tackle cloud security concerns in order for Singapore to be a trusted ecosystem for the cloud.

"Cloud security concerns arise from many sources, ranging from simply a lack of understanding to unavailability of clear guidelines and standards. These concerns are compounded by large variations of cloud service offerings," said Khoong Hock Yun, assistant chief executive, IDA of Singapore.

He was giving the keynote address during the Cloud Security Alliance Summit yesterday. The event was organised by the Cloud Security Alliance Singapore Chapter.

Security concerns vary between users and across different industry verticals, he said. For example, tightly regulated industries like the financial services sector are concerned with the potential exposure of their customers' confidential information.

Khoong raised the possibility of setting up a security framework that will give buyers and adopters greater clarity in the levels of risk exposure and security provisions of various cloud providers.

"The crux of the issue may be how to match the security needs of users, perhaps as required by various regulatory and supervisory agencies, with the security provisions of cloud service providers," said Khoong.

He also suggested creating a classification scheme for end-user organisations that helps identify security management requirements within the companies.

The companies will be able to clearly identify and classify its information and systems' security needs. These needs can then be matched with what cloud providers are offering.

These are some of the ideas that are under consideration when the Cloud Computing Standards Coordinating Task Force, a joint effort by Infocomm Standards Committee and IDA formed earlier this year to undertake industry consultation to develop cloud security standards over the next six months.

 

Sign up for Computerworld eNewsletters.