In a rush to take advantage of the technology, companies migrating and adopting cloud based computing services, may not fully understand security implications of cloud computing certification or cloud security standard, which includes confidentiality, integrity, availability, and accountability.
On a public cloud, companies are sharing computing resources with many other companies. Therefore, there are very little or no control over where the resources are run. As such, placing large amounts of sensitive data in a globally accessible location makes resources vulnerable to unauthorized access by hackers.
In addition, crucial component such infrastructure, platforms, or applications gets compromised, the entire cloud environment may be breached. This is where cloud security standards can enable consistent communications relating to terminologies, procedures, and processes to all stakeholders, in order to achieve this cloud computing certification.
In order to help businesses understand cloud computing certifications provided by different cloud service providers (CSPs), the SS 584, which is the Multi-Tier Cloud Security Standard for Singapore (MTCS SS), was introduced, and is the world’s first cloud security standard that covers multiple tiers.
While this cloud security standard is voluntary, it is mandatory for CSPs participating in bulk tenders from the Government. TÜV SÜD is one of the qualified certification bodies identified by Infocomm Development Authority of Singapore (IDA) and SPRING to conduct the cloud computing certification for CSPs, against the MTCS Standard. SS 584 (MTCS) has three different tiers of cloud security, Tier 1 being the base level and Tier 3 being the most stringent.
Designed for non-business critical data and systems with basic security control, that address security risks and threats targeting low-impact information systems. (e.g.: Web site hosting public information)
Designed for organizations that use cloud services to protect business or personal information, and run critical business data and systems in a moderate impact information systems. CSPs in this tier have more stringent security controls (e.g.: Email / CRM – Customer relation management systems)
Designed for companies with specific needs and more stringent security requirements. Industry specific regulations may also be applied, to supplement and address security risks and threats, in a high impact information systems using cloud services (e.g.: Financial / Medical records)
TÜV SÜD offers a comprehensive range of certification solutions, including cloud computing certification (SS 584 MTCS).
As an independent body, we provide objective and farsighted recommendations to optimize products and services of our clients, according to this cloud security standard. We can help customers to ensure that the best practices in information security are being adopted, and to harness the maximum potential that are technologically possible, with SS 584 MTCS cloud security standard
TÜV SÜD has many years of experience safety and sustainability solutions provider that specializes in testing, inspection, auditing, certification, training and knowledge services, and is one of the leading certification bodies providing quality management systems certifications. Our reports and certificates are widely accepted around the world. You can also be assured of its objectivity, accuracy and independence.