The Question of the Month at the MITRE blog asks what government can do to facilitate the adoption of cloud computing to more effectively provide IT services. There are 3 things, actually.
But this question is clearly just a short step from January’s question. So, let’s deal with both of them:
First, January’s question: “What’s most significant cloud computing concern for federal orgs?”
I felt compelled to respond after reading Chris Hoff’s “Cloud: Security Doesn’t Matter (Or, In Cloud, Nobody Can Hear You Scream),” at his blog Rational Survivability. This post originally appeared as a comment to his post.
I am working with Hoff as a member of the A6 (Automated Audit, Assertion, Assessment, and Assurance API) group working on cloud security interoperability standards.
Hoff’s point is well said. It’s a forceful (and entertaining) echo in the cloud of earlier discoveries and comments about the ultimate importance of “trust” versus other words often intended to characterize related aspects (e.g., security, privacy), but which do not represent the real need, and so should never be confused as synonyms.
In my last post, I briefly described the history of e-commerce cyber-security, and how phishing scams are actually helping improve security in cloud computing.
Now we are seeing that early adopters have been reporting revenue and bottom-line improvements that can be attributed to EV SSL. Versign says that CRSHotels.com saw a 30% increase in conversions from Internet Explorer-7 traffic. Likewise, Flagstar Bank reported 10% improvement in customer sign up. Charles Schwab took the lead from the investment and finance management services side.
Another leading Certificate Authority (CA), Comodo, is reporting adoption at financial services companies like GE Money and Lending Tree. Lately, the adoption has been spreading beyond traditional e-commerce/financial sites to such businesses as FedEx and Starbucks. Read more
