Despite concerns from skeptics about the security and reliability of cloud when it comes to protecting sensitive data, many cloud computing companies are taking strong steps to mitigate risk and try to prove to potential customers they are doing everything they can to improve security. The latest such announcement comes from Centrify, which provides unified identity services across cloud, data center and mobile. Centrify recently earned a SOC 2 (service organization control) credential, as well as the TRUSTe Certified Privacy Seal.
Security credentials aren't given out lightly. For the SOC 2 designation, Centrify had to undergo an examination of its internal controls over the security, availability and confidentiality of customer data. The company made through the audit for its Centrify Cloud Service. Similarly, TRUSTe examines service providers' privacy statements and practices in protecting customer data.
"A SOC examination is a rigorous test for a company to pass," said Jason Stork, senior manager at Frank, Rimerman + Co. LLP, which performed the SOC 2 audit, in a prepared statement. "Centrify has worked hard over an eight-month period to establish strong controls over its cloud operations and effectively implement them. We tested more than 100 controls related to data security, availability and confidentiality and noted no exceptions in these controls from Centrify."
Where sensitive data is concerned, customers aren't very forgiving when it comes to lax security or breaches, and there seems to be more pressure being put on cloud companies to take proper precautions. Look at the number of store and sync competitors that have put pressure on Dropbox because of the company's much-publicized security issues in the past. A single security problem can make winning over potential customers or making existing customers happy difficult, at best.
Cloud service providers that do their due diligence to protect customer data end up not only giving their customers peace of mind, but also themselves.