RSA, the security division of EMC has announced the RSA Cloud Trust Authority (CTA), a set of cloud-based services...
for secure and compliant relationships with cloud service providers.
The announcement coincides with the start of the RSA Conference 2011 in San Francisco this week.
The CTA is aimed at fostering the trust necessary for organisations to adopt cloud computing for mission-critical applications and sensitive information, RSA said in a statement.
EMC also unveiled an EMC Cloud Advisory service, aimed at supporting the main CTA goals of visibility and control.
The new service includes Cloud Optimiser from EMC Consulting, which is designed to help customers create a balanced cloud strategy extending from legacy architectures through cloud service providers at the lowest cost while achieving trust objectives, EMC said.
The service is aimed at helping customers evaluate workloads for suitability to move to cloud models and develop a strategy for optimising the placement of workloads by looking at economics, trust and functionality to maximise cost savings and business agility.
"Surveys show that lack of trust in cloud computing is slowing broader adoption of cloud services," said RSA executive chairman Art Coviello.
While cloud computing offers benefits in cost and agility, it breaks down some of the traditional means of ensuring visibility and control of infrastructure and information, he said.
But forcing enterprises to develop trusted relationships individually with each cloud service provider they want to use is cumbersome and will not scale, said Coviello.
"New thinking in security and compliance is required to provide a future in which organisations can consume services from a wide variety of cloud service providers on-demand and for all their application needs," he said.
Businesses and other organisations can manage relationships with cloud service providers via the RSA Cloud Trust Authority console.
Ken Owens, vice-president of security and cloud technology at cloud service provider Savvis said, "by offering an elegant model for customers to establish trusted relationships with service providers more rapidly, RSA's approach will accelerate the adoption of our services by a wider set of customers for security-sensitive applications."
The RSA CTA will include an identity service to enable a customer to manage secure user access and user provisioning to multiple cloud providers, and a compliance profiling service to view the trust profiles of various cloud providers against a set of common benchmarks developed by the Cloud Security Alliance and others.
"Security remains top of mind for organisations that wish to leverage the public cloud more extensively" said Jim Reavis, executive director of the Cloud Security Alliance.
"With the RSA Cloud Trust Authority, RSA is taking another decisive step towards delivering comprehensive and innovative solutions for securing the cloud. The approach of delivering cloud security services spanning identity, information, and infrastructure will address key concerns that limit the adoption of the cloud," he said.
A beta of the RSA CTA will be available in the second half of 2011, and will include both identity and compliance services, the company said.