MSPAlliance Issues Guidelines for Cloud Security, Transparency

The International Association of Cloud & Managed Service Providers (MSPAlliance) has released guidelines designed to provide businesses of all sizes information and knowledge so they can make smart and informed decisions regarding how their data interacts with the cloud. The guidelines, based in part on the Unified Certification Standard for Cloud & Managed Service Providers (UCS), also utilize the MSPAlliance Code of Ethics and Conduct, as well as the Consumer Bill of Rights.

According to a press release issued by MSPAlliance, the guidelines will be further illustrated in a white paper currently being developed that will be available to the public sometime this summer. Highlights of these guidelines include:
·    Communication to businesses about location of their data.

·    Disclosure to the business customer of any third parties who may have a meaningful access to that customer data.

·    Established controls that govern how third party service providers should handle sensitive customer data.

·    Controls for how service providers deal with both public and private cloud environments.

·    Transparency requirements for service providers when communicating with customers and prospects related to sensitive data.

Ethical, financial, and security controls governing how service providers handle customer data.