Key leaders within both the information security and cloud computing industries today announced the formation of the Cloud Security Alliance, to be formally launched at the RSA Conference 2009, in San Francisco on April 21, 2009. The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.

"The very nature of how businesses use information technology is being transformed by the 'on-demand' cloud computing model," said Dave Cullinane, Chief Information Security Officer at eBay, Inc. "It is imperative that information security leaders are engaged at this early stage to help assure that the rapid adoption of cloud computing builds in information security best practices without impeding the business. I am proud to be a co-founder of this important initiative."

As part of the launch at RSA, the Cloud Security Alliance will issue its inaugural whitepaper, "Guidance for Critical Areas of Focus in Cloud Computing," which outlines key issues and provides advice for both Cloud Computing customers and providers within 15 strategic domains. "We expect a great deal of migration towards cloud computing within the federal government in addition to the already robust private sector growth," said former White House advisor Paul Kurtz, partner with Good Harbor Consulting, LLC, and Cloud Security Alliance founding member. "The growth of the cloud should not outpace our ability to protect the data that goes into it, and the Cloud Security Alliance is a key collaborative effort to help assure that is the case."

The Cloud Security Alliance has engaged noted experts within several fields, including governance, law, network security, audit, application security, storage, cryptography, virtualization, risk management and several others, in order to provide authoritative guidance to securely adopt cloud computing solutions. Alan Boehme, Cloud Security Alliance founding member and Senior Vice President of IT Strategy and Architecture at ING, says that this guidance is timely, "Enterprises need pragmatic advice to qualify and engage with cloud providers in a way that is in alignment with organizational risk tolerances. We also need the flexibility to use cloud services for business needs of varying levels of sensitivity. It is important to me that the Cloud Security Alliance's recommendations are being driven by leading practitioners."

In the week following the RSA Conference, the Cloud Security Alliance will launch its one year roadmap of activities and deliverables at Infosecurity Europe in London.

• Security Guidance for Critical Areas of Focus in Cloud Computing