November 08, 2011, 5:57 PM — Just recently, the Open Data Center Alliance and Cloud Security Alliance (CSA) announced that they combining forces to speed development and adoption of industry standards for cloud solutions. Okay.
No doubt, cloud computing continues to be a top-of-mind topic. But if you are like me, it may feel as if we’re all stuck in an endless loop of hoopla and hollow bell-ringing, still waiting for the idea of cloud to evolve into practice. I’m a believer, it will evolve. But this waiting, made all the more painful thanks to a never-ending hype machine blasting all around us, definitely tests my faith.
That said, organizations like these two alliances are doing much to further cloud’s cause, and that is (to borrow a term from domestic empress Martha Stewart) a good thing. Oh… here’s where I insert a disclosure: Back in the spring and early summer, I worked closely with the Open Data Center Alliance as the group launched the first of its Open Data Center Usage Models, which define IT requirements for cloud adoption.
What’s cool about the Alliance is that its efforts are driven by users. In fact, the group now has more than 300 global IT leaders with a collective annual IT spending of over $100 billion.
The Alliance has been prudent not to craft cloud standards; rather it collaborates with organizations already doing that testy work, as well as with others such as the CSA who (like the Alliance) are not defining standards but driving them. The CSA’s mission, according to the group’s Web site, is to “promote the use of best practices for providing security assurance within cloud computing, and provide education on the uses of cloud computing to help secure all other forms of computing.” The goal, methinks, of this partnership is to create a framework of industry requirements and best practices around which cloud standards can be shaped.
The Alliance and CSA are working together on a biggie: security. The two groups say they will first work to align the best practices as spelled out by the CSA with the requirements the Alliance defined in two of its usage models (Provider Security Assurance and Security Monitoring – aimed at helping organizations ensure their providers meet and comply with their security requirements). And they’ll also focus on cloud security certification training and testing, and Alliance members will participate in CSA’s programs. Initial results of these engagements are expected to be delivered in Q1 2012 and will assist cloud service providers in standard definitions for delivery of ODCA requirements enabling delivery of solutions next year.