If you think of Amazon.com
The latest sign of that is this morning's announcement that the EC2 and Virtual Private Cloud cloud-computing services, along with the S3 cloud storage platform, have achieved the ISO 27001 security certification. The less stringent SAS70 certification has been in place for more than a year, and that's still all the cloud security endorsement fellow e-services provider Google
One common objection against cloud services is that no IT manager in his or her right mind would outsource proprietary and sensitive data to a third-party service such as Amazon EC2 or a server in some nameless Google data center. These certifications are designed to ameliorate that concern, by showing that the companies have a lasting commitment to privacy and data security. ISO 27001 certification is a lengthy three-step process at the hands of an approved auditor -- Ernst & Young's CertifyPoint service, in Amazon's case, which makes sense given that E&Y also audits Amazon's financial health.
Neither Amazon nor its rivals would go through these costly and sometimes painful proceedings without a carrot at the end of the stick, of course. "I can tell you that we'll continue to pursue certifications that are important to larger customers and customers in the federal space," Amazon's PR handler Kay Kinton tells me. It's worth the cost and inconvenience to get certified if it helps you land a few fat corporate customer accounts.
And it looks like Amazon's trust-building efforts are working. I mean, Netflix
When will Amazon's computing services become large enough to merit breaking its numbers out in quarterly reports? And when will e-tailing operations become a sideshow to Amazon's new core business? Think I'm jumping to crazy conclusions? Laugh all you want, but do it in public -- the comments box is waiting below for your jokes.