Cloud Foundry: Design and Architecture
Derek Collison discusses the goals, the design premises and patterns employed in creating the architecture of Cloud Foundry, VMware’s open source PaaS, unveiling internal architectural details.
News
The content has been bookmarked!
There was an error bookmarking this content! Please retry.
Amazon AWS receives ISO 27001 Certfication
Posted by James Vastbinder on Nov 24, 2010
Last week, Amazon was awarded the ISO/IEC 27001 certification for Amazon Web Services, AWS. The certification is significant in that ISO 27001 mandates specific management controls and requirements to be in place. While the certification is not cloud specific it is a significant progression and commitment towards governance, risk and compliance in the industry. This signals a maturation of the Amazon public cloud beyond its competitors and clears hurdles many CIOs would feel are barriers of adoption for enterprise acceptance of public cloud computing in general.
ISO/IEC 27001 certification is a three stage audit process:
Stage 1 - a review of the information security management system, ISMS, which is a set of policies governing information security and IT risk management.
Stage 2 - a detailed and formal compliance audit performed by independent auditors against ISO/IEC 27001. Passing this stage grants compliance with ISO/IEC 27001.
Stage 3 - maintenance stage consisting of follow-up reviews or audits which occur periodically to confirm compliance with ISO/IEC 27001. Typically the frequency is annually, but may occur more often if the ISMS is in flux.
On why the team did not pursue ISO/IEC 27002 certification at the same time, from the AWS site:
We don’t disclose every control we have in place, but of course we did consider all relevant guidance documented in 27002 as applicable to our scope covering AWS infrastructure, data centers, and services including EC2, S3, and VPC. As part of the certification process our auditors validated that we addressed all aspects of the 27002 guidance appropriate for our systems and services.
Amazon is not the first cloud vendor to achieve this certification, as Salesforce.com has been ISO 27001 certified for some time and Microsoft is actively pursuing ISO 27000 family of certifications for its Business Productivity Online Suite. It is unclear of what value this certification brings to the table, but at a minimum it provides a security standard by which to judge competing platforms as IT compares the ISMS of a vendor.
RelatedVendorContent
Five Key Practices to Agile ALM
RDBMS to NoSQL: Managing the Transition
Why NoSQL? A Primer on the Rise of NoSQL
App Server Evolution: REST, Cloud, and DevOps Support in Resin 4
Related Sponsor
In today’s hyper-competitive world, later may be too late to adopt Agile development and this Roadmap for Success will help you get started. Download "Agile Development: A Manager's Roadmap for Success" now!
No comments
Watch Thread Reply