Big 4 Auditing Firm Ernst & Young Joins Cloud Security Alliance
Cloud computing’s legitimacy as a mainstream business option just received a shot in the arm with Ernst & Young, one of the Big Four of auditing, joining the Cloud Security Alliance (CSA), a non-profit organization formed “to promote the use of best practices for providing security assurance within cloud computing and provide education on the uses of cloud computing in connection with all other forms of computing.”
Ernst & Young, popularly known as E&Y, has an Information Technology Risk and Assurance practice that assists organizations in enhancing their information frameworks and IT risk management. The company said that cloud computing is of high interest on the corporate agenda with senior level management and the C-suite executives giving it considerable attention.
“We’re excited to join the CSA and look forward to working with the other member organizations to help shape policy and develop cloud security and assurance guidelines,” said Bernie Wedge, E&Y’s Americas Information Technology Risk and Assurance leader. “The existence of the CSA and its mission speaks volumes about the evolution of cloud computing and its future. We decided to join the CSA not only to have a seat at the table, but also to provide our clients with leading edge insight on technology and risk management so they may move to the cloud safely and securely.”
The firm had undertaken a survey late last year that said 45% of companies are expected to use cloud computing in the next 12 months. However, it also mentioned that organizations needed to be careful about addressing potential risks before they move their business applications to the cloud. The survey revealed that almost half of the participants were already in the process of evaluating or planning to use cloud-based solutions.
In a press release, Jose Granado, E&Y’s Americas Information Security Services leader, said, “Cloud computing makes an IT investment more efficient, flexible and faster, and allows access to data anytime, anywhere, any place and with any electronic device. The more connected we become, the more exposed we are. Instant access to information presents critical security risks and the CSA is helping address those risks through education, research, and by developing guidelines for operating in the cloud.”
The Cloud Security Alliance was formed in November 2008 and comprises of many subject matter experts from a wide variety of disciplines, with the stated objectives of:
- Promoting a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance.
- Promoting independent research into best practices for cloud computing security.
- Launching awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions.
- Creating consensus lists of issues and guidance for cloud security assurance.
Ernst & Young is one of the largest professional services firms in the world and one of the Big Four auditors, along with Deloitte, KPMG and PricewaterhouseCoopers (PwC). It has a global headcount of 144,000 and provides assurance, tax, transaction and advisory services to hundreds of companies across the globe.
By Sourya Biswas