A new working group is trying to create an open and standardized mechanism for delivering security alerts across the different cloud computing platforms.
The Cloud Security Notification Framework (CSNF), which includes Microsoft, Google and IBM, hopes to build a common format to provide companies the same kind of alerts they have in the data center to track security notifications in the cloud.
CSNF is spearheaded by the ONUG open enterprise cloud community. Nick Lippis, co-founder of ONUG says that what they’ve created at CSNF is “part standard and part open source.”
In addition to roping in big cloud vendors, CSNF has also managed to attract several major cloud computing consumers including FedEx, Pfizer and Goldman Sachs.
In a conversation with TechCrunch, Lippis says that in time he hopes to attract other companies and cloud vendors including Amazon Web Services (AWS) to the project.
The CSNF is composed of a steering committee that is chaired by the Chief Information Security Officers (CISOs) from the member platforms and companies, who help guide the project. Their guidance is translated into actual work by the working group.
Don Duet, CEO and co-founder of Concourse Labs, who helped setup CSNF, says that the first priority for the project was to establish a common vocabulary for everyone to work within the group.
With that work completed, Duet shares that the next step for CSNF is to get the various member companies to roll out the solution and test it over the next few months.
CSNF hopes that eventually the framework will establish itself as a worthwhile endeavor and will attract other companies and vendors to make it the standard way for sharing security alerts.
If all goes as per plan, CSNF hopes to extend the scope of the initiative to build in other security information into this framework as well.