News

Cloud Security Guidelines Focus on Giving Businesses Knowledge and Choice of Where Their Data can be Safely and Efficiently Stored

Chico, CA (June 19, 2013) – The International Association of Cloud & Managed Service Providers (MSPAlliance), today announced guidelines designed to provide businesses of all sizes information and knowledge so they can make smart and informed decisions regarding how their data interacts with the cloud. The guidelines, based in part on the Unified Certification Standard for Cloud & Managed Service Providers (UCS), also utilize the MSPAlliance Code of Ethics and Conduct, as well as the Consumer Bill of Rights.
“Cloud computing has opened a lot of doors for customers and the service providers who manage their IT needs,” said Celia Weaver, president and co-founder of the MSPAlliance. “However, those customers do need to be aware of how cloud can also expose their sensitive data in ways they never contemplated. That’s why these guidelines based on the UCS cloud standard are so important.”
The guidelines will be further illustrated in a white paper currently being developed that will be available to the public sometime this summer. Highlights of these guidelines include:

• Communication to businesses about location of their data
• Disclosure to the business customer of any third parties who may have a meaningful access to that customer data
• Established controls that govern how third party service providers should handle sensitive customer data
• Controls for how service providers deal with both public and private cloud environments
• Transparency requirements for service providers when communicating with customers and prospects related to sensitive data
• Ethical, financial, and security controls governing how service providers handle customer data

“The MSPAlliance guidelines are very important for businesses if they want to know how to protect their data in the cloud,” said Michael Corey, CEO of Ntirety and MSPAlliance Advisory Board Member. “If you leave your house and want to protect what’s inside you use a lock. Business data should be no different.”
The MSPAlliance Guidelines were not designed to take any political sides but rather to establish policies that will enable businesses to make well informed decisions about where their data is store and who has access to that data. For over a decade the MSPAlliance has been a staunch advocate for the effective management of Information Technology on behalf of customers who outsource to managed service providers (including cloud providers).
For more information about the various MSPAlliance guidelines, including the UCS, the Customer Bill of Rights, and the Managed Service Provider’s Code of Ethics & Conduct, please visit www.MSPAlliance.com