Grant Thornton join consortium for global research into cloud security
Seeing the increased trend in cloud computing, Grant Thornton’s Forensic investigation team in the Netherlands have joined a European led consortium to address the security issues surrounding the cloud.
CIRRUS (Certification, InteRnationalisation and standaRdisation in cloUd Security) is made up of six international organisations and is further supported by computer giants, governments and universities who will all spend the next two years researching the security and forensic issues surrounding cloud computing and how best to tackle the issues that arise. This is a European project taking the lead to work towards global standardisation of cloud security and to share 'best practices' from the ICT industry, science, governments/investigative services and users. The aim is to make cloud computing safer, better and more attractive.
The consortium will be led by Atos from Spain and its partners Cloud Security Alliance, Austrian Standards Institute, Portakal Teknoloji from Turkey, the Information Technology Promotion Agency of Japan and Grant Thornton from the Netherlands. Representatives of companies such as Google, Microsoft and IBM sit on the International Advisory Board. Governments and universities from Canada, Ireland, the Netherlands and the UK are also involved.
Grant Thornton will be investigating the way in which cloud-based forensic IT investigations can be strengthened. This includes issues such as (better) standardisation and certification.
Mark Hoekstra, Partner at Grant Thornton Netherlands commented:
"Cloud-based forensic IT investigations are still in their infancy. For law enforcement and for private investigative services, it's a question of whether the data stored on local servers regarding organisations or people is also available for (fraud) investigations if this data is in the cloud. From a legal point of view, this data exists in a complex, virtual environment. It is not always clear in which country data is located or who has changed, erased or manipulated data and at which location. This leads us to ask what jurisdiction determines the legal context in which the data investigation must take place and under what conditions is unrestricted access possible? And if that access is already there, how much time is needed and how many international legal procedures are necessary to retrieve or transport the data? In short, there is a need for global standards when it comes to cloud-based forensic IT investigations."
Grant Thornton is one of the world's leading organisations of independent assurance, tax and advisory firms. These firms help dynamic organisations unlock their potential for growth by providing meaningful, actionable advice through a broad range of services. Proactive teams, led by approachable partners in these firms, use insights, experience and instinct to solve complex issues for privately owned, publicly listed and public sector clients. Over 31,000 Grant Thornton people, across 100 countries, are focused on making a difference to clients, colleagues and the communities in which we live and work.
Grant Thornton International is a non-practicing, international umbrella entity organised as a private company limited by guarantee incorporated in England and Wales. References to "Grant Thornton" are to the brand under which the Grant Thornton member firms operate and refer to one or more member firms, as the context requires. Grant Thornton International and the member firms are not a worldwide partnership. Services are delivered independently by member firms, which are not responsible for the services or activities of one another. Grant Thornton International does not provide services to clients.
*All references to Grant Thornton International in the press release and this “Notes to editor” section are to Grant Thornton International Ltd. Grant Thornton International Ltd is a non-practicing, international umbrella entity organized as a private company limited by guarantee incorporated in England and Wales.