The CIF Self Certification process, as managed by CIF’s independent certification partner, APM Group, enables Cloud Service Providers to demonstrate transparency, accountability and capability to end users in a manner that allows the potential customer to make an informed decision about what the vendor offers.
The use of the CIF Certification Mark on a vendor’s website serves two clear purposes: it makes a public declaration of professional and commercial intent on the part of the cloud service provider and it provides a visual mark of recognition that engenders confidence in the end user that the organisation is open and professional in its commercial activities.
Rise: Microsoft Partner of the Year
In 2011 Fasthosts, the UK’s largest web hosting company launched Rise, an Infrastructure-as-a-Service provider dedicated to the channel.
Rise, provides cloud and dedicated infrastructure as well as end-to-end solutions for channel partners to either resell, or offer as a white label service under their own brand. Rise enables thousands of resellers to move into the lucrative cloud computing space.
James Henigan, product and IT services director at Rise, states: “There is a lot of talk about cloud computing and much of it is hype right now. Vendors obviously thought that if they made enough noise then consumers would find them but that’s not how many small and mid sized businesses in particular buy IT. They’re aware of the cloud, but are often confused about what it delivers and how they can utilise it, and usually rely on a third party ‘trusted advisor and supplier’ to guide them. What we address with Rise is how SMBs buy IT, not just why they should. By providing cloud services to the channel partners, we’re enabling those companies that have the trusted relationship with the end customer to deliver the benefits in a way that is clearly understood by the customer.”
Founder member
Rise was also one of the founding members of the Cloud Industry Forum and from the outset saw the commercial value of CIF’s Code of Practice.
James Henigan continued: “The evidence indicates that the cloud is affording all businesses, large or small, public or private, the flexibility they need to adapt to the ever changing business climate on commercial terms that make it accessible. However, end users are looking for clear guidance, a benchmark if you like, to measure suppliers in the market against. This is why we view the CIF Code of Practice and its Certification process as essential in building trust throughout the market and is an initiative that Rise are fully committed to.”
Certification process
Simon Yeoman CS Director, Rise, was tasked with the process: “We are already PCI compliant and are working toward ISO27001. Both these standards are more established and therefore arguably easier to understand. However, as we entered the Certification process it became clear that the CIF Certification process was a similar experience.”
“While there was a lot of information to hand from work we had done on other standards, CIF Certification demanded the creation of a dedicated project charter, team and plan. That was a straightforward process for us given our historic focus on standards,”
“However, we did need to create a number of new operational processes and documents to demonstrate our compliance. These relate to transparency (information already published on our web site; and provided in commercial proposals); and relating to capability as demonstrated by documented internal management systems,” he continued. “Overall the process took no more than a few months from beginning to end.”
The benefits
James Henigan continued: “The process improvements we have put in place have made our organisation more transparent by providing more important information to potential customers and partners up front,”
“Furthermore, it has put more rigour into our operations through the creation and adoption of processes to manage key elements. At the end of the day the key benefit is for our customers in turn as it promotes online confidence and trust in our brand by ensuring that we offer appropriate transparency about our business and services, a commitment to operational capabilities and practices, and executive accountability for the declarations made to achieve Certification,” he concluded.
By achieving Certification the Cloud Service Provider enables the end user to have confidence that they can access relevant and meaningful information in a structured way that has been accepted by the Cloud Industry Forum to enable rational assessment.
The role of APM Group
APM Group, CIF’s independent certification partner, manages and monitors the CIF Self Certification process. They are tasked with overseeing the entire Self Certification process, from the initial application through to certification. As such, APM Group is able to offer guidance and advice to CSPs on the certification process as they apply for recognition against the CIF Code of Practice.
Richard Pharro, CEO of APM Group, commented: “Ultimately, end users are looking for assurances when they migrate to the Cloud. The fact that 78 percent of Cloud users, and future users, see value in working with a CSP that has certified against a relevant standard is testament to this. Certification schemes, such as CIF’s Code of Practice, provide CSPs with the means to secure independent validation that their services meet recognised security and quality standards and provide Cloud users with comfort and confidence in services provided.”