15 April 2015

Overview Of Cloud Standards

Cloud computing slowly becoming realty. So it has to address many concerns such as security, interoperability, portability and governance at the earliest opportunity.

This can be accelerated by compliance to guidelines and standards defined in consensus by the cloud providers. Without addressing these concerns, users would be wary to tread this path in spite of its powerful economic model for business computing.

Interoperability/integration - interoperability enables products/software components to work with or integrate with each other seamlessly, in order to achieve a desired result. Thus, it provides flexibility and choice to use multiple products to achieve our need. This is enabled by either integrating through standard interfaces or by means of a broker that converts one product interface to another.

Security - security involves the protection of information assets through various policies, procedures and technologies, which need to adhere to standards and best practices in order to achieve the desired level of security. For example, Payment Card Industry (PCI) data security standards from PCI SSC  define ways to secure credit card data to avoid fraud. This is applicable to all organisations that hold, process or pass credit cardholder information.

Portability - A software is said to be portable when the cost of porting the same from an existing platform for which it was originally developed, to a new platform, is less than the cost of re-writing it for the new platform. Software with good portability thus avoids vendor lock-in. This is typically achieved by adhering to standard interfaces defined between the software component and vendor platforms. For example, Java programs are set to be portable across operating systems (OS) that adhere to standard interfaces defined between the Java runtime environment and the OS.

Governance - Risk Management and Compliance (GRC) - governance focuses on ensuring that the enterprise adheres to defined policies and processes. Risk management puts in controls to manage and mitigate risks as defined by the enterprise. Compliance ensures that the enterprise adheres to various legal/legislative as well as internal policies. Standards have been defined for IT systems to adhere to certain industry as well as legal standards such as Sarbanes-Oxley (SOX) [4], Health Insurance Portability and Accountability Act (HIPAA), etc.

No comments:

Post a Comment

Thanks for your message. We will get back you.

© 2010-2017 Biganalytics.me. All rights reserved.. Powered by Blogger.

Total Pageviews

All material, files, logos and trademarks within this site are properties of their respective organizations.