China To Introduce Cloud Trust Rating
Move could lock out foreign cloud providers not passing security tests
China will provide a trust rating of cloud computing vendors, with only those passing strict benchmarks for security allowed to be involved in governmental schemes.
The move could mean foreign cloud providers would be locked out of the Chinese market, an expert told China Daily.
Full security clearance
“Only companies that get full security clearance from the government will be allowed to join Smart City and various other government-funded projects, said Zuo Xiaodong, VP of the China Information Security Research Institute.
“The basic idea of the security rating mechanism is to find trustworthy hardware, software and service providers to ensure that the government has total control of the entire ecosystem,” Zuo said.
China Daily reported industry sources as saying China wants overseas IT providers to be out of the government procurement market by 2020, deeming homegrown firms safer. Companies such as Huawei and Sugon are also keen to replace foreign firms in government contracts. Sugon, which offers cloud infrastructure services, has already replaced VMware on a cloud project in Jiangsu province.
The United States has a similar trust scheme which is called the Federal Risk and Authorization Management Program (FedRAMP).
It was started two years ago and was made for standardising security assessments of cloud vendors used in US government services. The scheme has been particularly friendly to two US cloud providers, Microsoft Azure and Amazon Web Services.
Are you clued up with famous hackers? Take our quiz here!