Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Cloud Services Providers Introduce Trusted Cloud Principles

Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.

Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.

Trusted Cloud Principles signatories say they are committed to maintaining consistent human rights standards across their services, while also ensuring that cloud services providers’ interests are protected.

The initiative has received support from heavy industry names, including Amazon, Atlassian, Cisco, Google, Microsoft, and IBM, among others.

“Trusted Cloud Principles signatories are committed to protecting the rights of our customers. We have agreed to strong principles that ensure we compete while maintaining consistent human rights standards,” the signatories say.

As per the newly introduced principles, cloud services providers are committed to ensure the privacy and security of their customers’ data across borders, while working with governments around the world to ensure the free flow of data and establish legal frameworks for data privacy, security, and integrity.

“Governments have a legitimate and important interest in protecting the safety and security of their people. Yet in some instances they seek to gain access to data under laws that do not adequately protect human rights and the rule of law, and conflict with laws of other countries,” the cloud companies note.

The involved organizations say they recognize governments’ interest in ensuring the “safety, security, privacy, and economic vitality of individuals and organizations” that use cloud services, but also the fact that individuals have the right to privacy and that customers should trust the security of their data.

Advertisement. Scroll to continue reading.

The signatories also commit to supporting laws through which governments may request data in a transparent manner, but also improved regulation to “protect the safety, privacy, and security of cloud customers and their ownership of data.”

Furthermore, they recognize the importance of regular publishing of transparency reports regarding government data requests and announce their support for legal frameworks that would help resolve conflicts related to data access, privacy, and sovereignty.

The Trusted Cloud Principles require for governments to first engage with customers and then cloud services providers and to address conflicts of law, while supporting cross-border data flows, but also outline that customers have the right to be notified of government access to their data and that cloud providers should have the right to protect their customers’ interests.

Related: Securing Data-in-Use With Confidential Computing

Related: New Resources Define Cloud Security and Privacy Responsibilities

Related: Malware is Pervasive Across Cloud Platforms: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.