by Hamish Barwick

NAB testing Cloud security provider standards

Mar 02, 20122 mins
Cloud ComputingCloud SecurityIT Management

The National Australia Bank (NAB), a member of the Open Data Centre Alliance (ODCA), has announced plans for an evaluation of the ODCA’s security provider assurance usage model.

The usage model audits and ranks external security providers as either platinum (military grade), gold (financial services grade), silver (enterprise grade) or bronze (standard grade).

Cloud providers are audited on how they handle vulnerability management, network and firewall isolation, identity management, security incident monitoring, data retention and deletion.

In-depth:Legal issues in the Cloud.

“The financial services industry is focused on ensuring secure control of data and related infrastructure at all times,” NAB chief information officer, Adam Bennett, said in a statement.

“To fully take advantage of Cloud solutions, our security service level agreements [SLAs] must extend across all computing environments regardless of whether we are using a dedicated Cloud service via a private Cloud or a service shared with other subscribers via a public Cloud,” he said.

Bennett added that the security provider requirements specified by ODCA provide a great step forward towards NAB’s secure delivery of Cloud offerings.

Read more about NAB’s private Cloud journey at

In addition to the security provider assurance usage model, the ODCA has launched a request for proposal (RFP) online tool to help make Cloud and IT purchasing decisions easier for end users.

The tool will allow companies access to RFP language based on product categories and Cloud usage model requirements.

According to the ODCA, the public release of the tool will help companies deploy open Cloud offerings in preparation for a forecast $50 billion investment in Cloud computing over the next two years.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow CIO Australia on Twitter: @CIO_Australia