Jericho Forum announces security criteria for cloud computing

IT security experts at the Jericho Forum have released a new set of security guidelines for cloud computing, designed to help IT departments when migrating to a cloud-based system.

The criteria, called the cloud cube model, offers an outline of what organisations need to consider when evaluating a cloud computing environment.

According to the Forum, cloud computing can be more secure than running databases and applications out of corporate data centres.

To ensure that a cloud application is secure, the Jericho Forum suggests three scales for evaluation.

Firstly, whether it is internal or external; secondly, whether it is proprietary or open; and thirdly, whether or not it has a security perimeter.

Placing these three scales along a 3D graph creates a ‘cloud cube’ with which the security of cloud-based applications can be evaluated.

Adrian Seccombe, Jericho Forum board member, said: “The cloud approach to organising business can be both more secure and more efficient than the old-style silo structure.

“On the one hand cloud computing offers a compelling opportunity to achieve a more effective solution, do more with less, and deliver cost savings coupled with extreme flexibility and scalability.

“Viewed from a different perspective it opens a potential Pandora’s Box of security nightmares, not least of which is loss of data confidentiality and integrity.”

Seccombe added that a “carefully analysed and chosen approach” to cloud computing can ensure that these security concerns are kept under control.

The Jericho Forum has posted a video on YouTube outlining the cloud cube criteria.

Jericho Forum’s members include BM, Symantec, Boeing, AstraZeneca, Qualys, BP, Eli Lilly, KLM, Cap Gemini, Motorola and Hewlett Packard.

Story link: Jericho Forum announces security criteria for cloud computing