Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Cloud Services Providers Introduce Trusted Cloud Principles

Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.

Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.

Trusted Cloud Principles signatories say they are committed to maintaining consistent human rights standards across their services, while also ensuring that cloud services providers’ interests are protected.

The initiative has received support from heavy industry names, including Amazon, Atlassian, Cisco, Google, Microsoft, and IBM, among others.

“Trusted Cloud Principles signatories are committed to protecting the rights of our customers. We have agreed to strong principles that ensure we compete while maintaining consistent human rights standards,” the signatories say.

As per the newly introduced principles, cloud services providers are committed to ensure the privacy and security of their customers’ data across borders, while working with governments around the world to ensure the free flow of data and establish legal frameworks for data privacy, security, and integrity.

“Governments have a legitimate and important interest in protecting the safety and security of their people. Yet in some instances they seek to gain access to data under laws that do not adequately protect human rights and the rule of law, and conflict with laws of other countries,” the cloud companies note.

The involved organizations say they recognize governments’ interest in ensuring the “safety, security, privacy, and economic vitality of individuals and organizations” that use cloud services, but also the fact that individuals have the right to privacy and that customers should trust the security of their data.

The signatories also commit to supporting laws through which governments may request data in a transparent manner, but also improved regulation to “protect the safety, privacy, and security of cloud customers and their ownership of data.”

Advertisement. Scroll to continue reading.

Furthermore, they recognize the importance of regular publishing of transparency reports regarding government data requests and announce their support for legal frameworks that would help resolve conflicts related to data access, privacy, and sovereignty.

The Trusted Cloud Principles require for governments to first engage with customers and then cloud services providers and to address conflicts of law, while supporting cross-border data flows, but also outline that customers have the right to be notified of government access to their data and that cloud providers should have the right to protect their customers’ interests.

Related: Securing Data-in-Use With Confidential Computing

Related: New Resources Define Cloud Security and Privacy Responsibilities

Related: Malware is Pervasive Across Cloud Platforms: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.