The biggest inhibitor to cloud computing is the perception that cloud is less secure than traditional computing environments. In truth, however, organisations can have the same levels of control with cloud  computing as they have with their existing IT systems.

That’s according to Dave Funnell, Sales Manager of RSA, the Security Division of EMC Southern  Africa, who says the technological controls required for cloud computing are the same as those used in  a virtualised environment: a strong authorisation system, the ability to manage roles and access to  information, and visible reporting.

“By monitoring these elements and adhering to the Cloud Security Alliance’s governance, risk and  compliance (GRC) standard, it is possible to deliver the right level of assurance to the business concerning security in the cloud,” Funnell says.

In February 2011, RSA announced the RSA Cloud Trust Authority (CTA), a set of cloud-based services designed to facilitate secure and compliant relationships between organisations and cloud service  providers.

By enabling visibility and control over identities, information and infrastructure, the CTA fosters the trust  necessary for organisations to adopt cloud computing for mission-critical applications and sensitive  information.

Brought to you by

“The CTA services enable consumers to compare service providers’ offerings, so that they can fully understand the level of security and control any given service provider can deliver for their information,”  Funnell says. “It also enables the service providers to move from promise to proof that they are safeguarding the organisation’s data.”

As a thought leader in this space, RSA has the technology and knowledge to address all seven of the  areas of concern regarding security in the cloud highlighted by Gartner: privileged user access;  regulatory compliance; data location; data segregation; recovery; investigative support; and long-term viability.

“By verifying the chain of trust, we are able to facilitate and streamline organisations’ journey to the  cloud,” Funnell says. “For example, we are able to map sources onto an organisation’s cloud service  provider and produce a view of exactly how compliant the company is.

“The market is maturing, and the tools are there. However, adoption will be slow unless the service  providers gain their customers’ trust. The cloud can be secure if the right governance, controls, policies  and infrastructure are in place.