ENISA new steps for building trust in the Cloud

Back to News

Supporting the activities of the EU Cloud Strategy, ENISA has published a list of the existing Cloud Certification schemes. This will help potential cloud users decide on the security of different cloud solutions. The list was developed by ENISA in close collaboration with the European Commission and the private sector (EC Certification Selected Industry Group).

One of the main obstacles of adopting cloud is the lack of trust towards the cloud service provider. Before buying a cloud service, customers want to know if the service is secure and reliable. But cloud computing services are complex and built up from many different ICT components.

“Questions like: “What can I expect from my cloud provider?”, “If I put my data into the cloud, will I lose control?” “Who is responsible for what happens to it?” may arise.  Many of those questions can be addressed by proper certification: schemes for adequate standards that are transparent and centered on the customer” commented the Vice President and Commissioner of the European Commission  Mrs Neelie Kroes.  

Based on the existing schemes, ENISA has now delivered a list of certification schemes for cloud. The Agency has investigated:

  • the specific certification schemes (based on the EU Cert.-SIG feedback),
  • what standards and specifications they certify against, and
  • who actually provides the assurance.

This gives potential cloud customers more transparency about existing certification schemes and how they relate to the cloud.

 

For more information: ENISA Cloud Computing Certification Schemes List - CCSL

Neelie Kroes blog post on CCSL: Making the cloud more transparent - a boost for secure, trustworthy services

Background:  European Cloud Strategy