Cloud Service Certification
Description
Attachments
Confluence content
Activity
Maurizio Pillitu May 13, 2019 at 2:09 PM
All repo invitations have been accepted, marked contribution as completed. Thanks!
Maurizio Pillitu March 5, 2019 at 8:43 AM
GitHub permissions configured, invitation pending on https://github.com/finos-fdx/cloud-service-certification/invitations
Maurizio Pillitu March 1, 2019 at 5:58 PM
Created the following infrastructure:
1. https://finosfoundation.atlassian.net/wiki/spaces/FDX/pages/904626436/Cloud+Service+Certification+Working+Group - Jason can edit
2. fdx-cloud-service-certification@finos.org , also see https://groups.google.com/a/finos.org/forum/#!forum/fdx-cloud-service-certification - Jason is admin
3. https://github.com/finos-fdx/cloud-service-certification - I'll make Jason admin as soon as we get the GitHub ID
We'll wait for a confirmation of access before closing this ticket.
Thanks.
Maurizio Pillitu February 28, 2019 at 5:34 PM
Great, I have all the info needed to move forward with the infrastructure, should be all ready by tomorrow.
Jason Nelson February 28, 2019 at 2:55 PM
Agreed. Cloud Service Certification works for me.
Details
Details
Assignee
Jason NelsonReporter
Jason Nelson
Business Problem
Use Case:
Banks strives to use services provided by AWS, Azure, Google.
To do so requires each service be configured and implemented in a way that meets existing regulatory and internal security controls.
Need to move quickly as to keep up with business unit demands for cloud.
Proposed Solution
The combination of project and working group will help solve the problem by providing a common place to share content focused on this industry challenge and have a collaboration between industry members to develop best of breed solutions. The focused project and collaboration with other banks will increase the amount of controls produced and increase the rate of adoption of cloud services.
Current State
Current State before this project
Majority of cloud security incidents due to misconfiguration: Services are not secure by default, configuration is often complex, nuanced and difficult to validate.
All financial institutions are re-inventing the wheel: Institutions have similar control frameworks, we are all trying to secure and stand up the same providers and services.
This takes significant time and resources, delaying innovation: 6 - 18 months elapsed time, every institution is fact finding with cloud providers
Results vary: No guidance on how to implement controls, in-depth cloud service knowledge required to deliver this, we are not the cloud provider security experts
Proposed State with this project
Set quality standards across artefacts: Members of all tiers can contribute to the project and ensure a common high level of quality is delivered and in less time.
Encourage cloud vendors to produce more industry specific content: Member Participation and public release of the Accelerators will encourage cloud vendors to project more focused and quality content for Financial Services Industry.
Existing Materials
No content is publicly shared at this point.
Development Team
Please defer to list provided earlier. Further names will be included by external banks that requested to participate.