IT Compliance Advisor

Aug 29 2011   6:10PM GMT

Cloud Security Alliance seeks transparency over secrecy for compliance



Posted by: Fohlhorst
Tags:
CIO
Cloud Security

The Cloud Security Alliance is launching a new program for gathering information on how cloud service providers are securing their services and meeting compliance initiatives.

The CSA Security, Trust & Assurance Registry (STAR) program enables cloud service providers to submit self-assessment reports that document compliance regarding best practices published by the alliance. According to the CSA, the searchable registry will allow potential cloud customers to review the security practices of providers and determine the level of compliance offered — or better yet, learn from the best how to secure their own cloud initiatives.

Some may find this a bit disconcerting and will worry that transparency will expose them to attacks and breaches. However, transparency also leads to better understanding and improvements in security by exposing possible flaws and weaknesses.

STAR offers a “major leap forward in industry transparency, encouraging cloud service providers to make security capabilities a market differentiator,” according to a CSA release. CSA STAR will be available in the fourth quarter. Cloud providers can submit two different types of reports — the Consensus Assessments Initiative Questionnaire and the Cloud Controls Matrix.

Find out more at www.cloudsecurityalliance.org/star/.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: