Denys Rudyi - Fotolia

CipherCloud and CSA lead calls for cloud security open APIs

The pair have teamed up to create a working group that will guide the industry on how to make the cloud more secure, but in an open way

A working group has been established to oversee the creation of cloud security-focused open application programming interfaces (APIs) to make it easier for users to integrate data protection tools across multiple clouds.

Its activities will be overseen by the Cloud Security Alliance (CSA) and data protection supplier CipherCloud, while the likes of Deloitte, InfoSys, Intel Security and SAP have committed to contributing to the Cloud Security Open API Working Group.

The organisation's aim is to enable enterprises to make use of standards-based APIs to protect data via encryption, tokenisation and other technologies across multiple clouds without needing to resort to embarking on custom integrations for each environment they choose to use.

As part of this, it intends to issue guidance on supplier-neutral data security implementations, produce API specifications for industry-wide use, along with a reference architecture for other technology firms to follow.

By increasing the interoperability of cloud security tools, the working group hopes this will speed up adoption of off-premise technologies, as data protection concerns are often cited as a major barrier to take-up.

CSA CEO Jim Reavis said the cloud security ecosystem of suppliers and users is calling out for a robust set of standards.

Read more about cloud security

"The right set of working definitions can boost adoption. This working group will help foster a secure cloud computing environment – a win for vendors, partners and users," he said.

"Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications."

The group's activities are due to kick-off in July 2015, and the CSA is also inviting other interested parties to assist with its work.

CipherCloud founder and CEO Pravin Kothari added: "Cloud is the killer app for security innovation, but inefficiencies at the technical level in the form of customer connector protocols can hold back innovations in cloud security. Defining a uniform set of standards can enable us all to operate from the same playbook."


Read more on Web development