RSA Europe: Free cloud security readiness tool from Microsoft

Microsoft has announced a free tool for organisations to assess their security readiness for cloud computing.

Microsoft has announced a free tool for organisations to assess their security readiness for cloud computing.

A survey commissioned by the company revealed that the top barriers to cloud adoption are concerns about the ability to deal with industry standards (61%), transparency (59%) and security concerns (44%).

“This shows companies are more concerned than they should be,” Adrienne Hall, general manager of Trustworthy Computing at Microsoft, told the RSA Conference Europe 2012 in London.

On the flip side, the survey conducted in five regions revealed that companies that have adopted cloud are seeing security benefits, she said.

Some 57% of respondents said they have more time and money to focus on their core business, and 54% said they believed cloud services provided better security than the company was capable of on its own.

To boost confidence in cloud, Hall said Microsoft is collaborating with organisations such as the Cloud Security Alliance (CSA) and ISO to share information, drive standards and improve transparency.

Based on the CSA’s Cloud Controls Matrix, Microsoft’s Cloud Security Readiness Tool is an online survey of 27 questions that are used to assess a company’s security posture and make recommendations for moving to cloud computing.

“The aim of the tool is to simplify the process and cut through the clutter to help organisations take a step-by-step look at cloud adoption based on their environment,” said Hall.

The output of the tool is a custom report that makes agnostic recommendations in each of the 27 areas, including information on the potential benefits of cloud computing and the implications of regulations that apply to the industry sector of the organisation that has completed the survey.

For each area, such as security policies and procedures, the report will include feedback on a company’s current state, recommendations based on best practice, security advantages of moving to a cloud service, and what regulations the organisation should consider.

The tool can used by all organisations from 100 PC users to over 50,000, and can be used to assess all of IT or just particular company divisions.

“Sometimes it can be difficult for companies to evaluate what parts of the business are best suited for transitioning to cloud computing,” Hall told Computer Weekly.

The tool, she said, provides another way to look at the issues to improve comfort level with using cloud computing by applying the CSA principles to a specific organisation in a specific industry.

Image: iStockphoto/Thinkstock

Read more on Cloud security