Box.com forges new cloud security model

Grazed from ComputerWeekly. Author: Warwick Ashford.

The time has come for service providers and consumers to move to a security model better suited to the cloud computing era, says cloud-based content management and collaboration firm Box.com. The firm has pursued transparency or openness as a key policy to establish trust with customers concerned about security in the cloud environment.

Customers are able to access all activity and transactions related to their content and even download that data to their security information and event management (Siem) systems. They also have access to SOC1, SSAE16, SOC2, ISO27001 and internal audit reports and quarterly penetration test reports. Box.com even allows customers to perform their own penetration tests…

In pursuit of greater transparency, Box.com has also achieved compliance with the US health sector HIPPA standard and is working on compliance with the US government FedRAMP cloud security assessment programme…

Read more from the source @ http://www.computerweekly.com/news/2240204033/Boxcom-forges-new-cloud-security-model