Cloud Standards Customer Council Forms Security Working Group and
Initiates Work on Service Level Agreement Guidance Document

Needham, MA, USA – February 7, 2012 – Members of the Cloud Standards Customer Council (CSCC) have formed a new Security working group and are soliciting participation. The Security working group will be led by David E. Harris, Ph.D., Sr. Regulatory Compliance Architect, Boeing, and Ryan Kean, Director, Enterprise Platform Technical Services, The Kroger Co. For more information about the CSCC and working groups, visit http://www.cloud-council.org. 

Security is consistently highlighted as one of the top inhibitors to the adoption of cloud computing and an area of great interest to customers. The Security working group will focus on developing high priority use cases for cloud security that reflect the issues and pain points customers are experiencing in various cloud deployment models (private, public and hybrid). A wide range of security issues including identity and access management (IAM), security policy, audit and compliance, trust, data protection and privacy will be considered. In addition to use case development, the group will provide guidance and best practices for addressing specific security concerns related to cloud.

In addition to the new Security working group, the CSCC's Practical Guide working group is actively working on a guidance document for Service Level Agreements (SLA) targeted at cloud consumers. The core team, consisting of more than a dozen member companies, will take a deeper dive into the critical elements of a SLA for cloud computing and will provide guidance on what to expect and what to be aware of in an SLA. The group plans to articulate a set of requirements from a consumer's perspective and identify elements that need to be addressed via open standards through CSCC’s SDO liaison partners.

"Today, customers complain regularly that SLA’s are just another form of vendor boilerplate, to the extent they exist at all, and that it is difficult if not impossible to get much modification. They also point out that they want the SLA because it will cause the provider to put some skin in the game, not because the penalties would solve their problems in the case of outages or other situations covered by the SLA. That doesn’t mean we don’t need SLA’s; we do. It's important we make it clear what is going on now versus what we would like to see/influence for the future and when we are hoping that future will occur." Amy Wohl, principal consultant of Wohl Associates and member of the Practical Guide working group.

The next virtual CSCC meeting will be held on February 15. The next face-to-face meeting will be held on March 19-20 in Reston, VA, featuring the “Public Sector Cloud Summit.” Agendas and registration information are available at http://www.cloud-council.org/events.htm.  

Membership in the CSCC is free for qualified end-user organizations. The membership application is available at http://www.cloud-council.org/application. Vendors may join as sponsors. For membership or sponsorship questions, contact Ken Berk at ken.berk@omg.org or +1-781-444 0404.

###

About the Cloud Standards Customer Council
The Cloud Standards Customer Council (CSCC) is an OMG® end user advocacy group dedicated to accelerating cloud’s successful adoption, and drilling down into the standards, security and interoperability issues surrounding the transition to the cloud. The Council is not a standards organization, but will complement existing cloud standards efforts and establish a core set of client-driven requirements to ensure cloud users will have the same freedom of choice, flexibility, and openness they have with traditional IT environments. The Cloud Standards Customer Council is open to all end-user organizations. IBM, Kaavo, Rackspace and Software AG are Founding Sponsors. For more information on CSCC, visit http://www.cloud-council.org.