Salesforce.com last year became one of the first vendors of hosted applications to become certified under ISO 27001 standards. It's unclear how much that certification has helped the company acquire new customers, Wang said. But it has certainly played a role in reinforcing Salesforce.com's message about the security and reliability of its products.
News about Microsoft's plans to acquire ISO 2700 certification comes amid persisting concerns about cloud security. The concerns have been fueled by high-profile incidents such as the recent chaotic outage of Microsoft's Sidekick T-Mobile and one in July involving Twitter and Google Apps.
Though the vendors themselves and many analysts have insisted the incidents had nothing to do with cloud security failures, the perception about the cloud being vulnerable to security failures has continued to persist. It is for those reasons that certifications such as ISO 27001and FISMA are important, especially in government, Billing said.
"Within the federal market, it is a cultural issue," Billings said. "This is really about making them feel comfortable about their partnership" with Microsoft.