SlideShare a Scribd company logo

Global Efforts to Secure Cloud Computing

InnoTech, profile picture
InnoTech

The document discusses the Cloud Security Alliance (CSA), a non-profit organization focused on promoting the use of best practices for providing security assurance within cloud computing. It summarizes CSA's research projects including the Cloud Controls Matrix, Consensus Assessments Initiative, Cloud Audit, and Cloud Trust Protocol. It also discusses CSA's Certificate of Cloud Security Knowledge certification and training programs. The document emphasizes CSA's role in developing tools and standards to help ensure governance, risk management, and compliance in cloud computing.

TechnologyBusiness
1 of 36
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
www.cloudsecurityalliance.org
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Cloud One million new mobile devices - each day! Social Networking Digital Natives www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org State Sponsored Cyberattacks? Organized Crime? Legal Jurisdiction & Data Sovereignty? Global Security Standards? Privacy Protection for Citizens? Transparency & Visibility from Cloud Providers? Copyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Shift the balance of power to consumers of IT Enable innovation to solve difficult problems of humanity Give the individual the tools to control their digital destiny Do this by creating confidence, trust and transparency in IT systems Security is not overhead, it is the enabler Copyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.org 7 enterprise boundary public clouds private clouds cloud of users Notional organizational boundary • Cloud + Mobile • Dispersal of applications • Dispersal of data • Dispersal of users • Dispersal of endpoint devices
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance https://cloudsecurityalliance.org/research/top-threats/
www.cloudsecurityalliance.org
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Sunlight is the best disinfectant,” U.S. Supreme Court Justice Louis Brandeis
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Control Requirements Provider Assertions
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance GRC Stack Family of 4 research projects Cloud Controls Matrix (CCM) Consensus Assessments Initiative (CAI) Cloud Audit Cloud Trust Protocol (CTP) Impact to the Industry Developed tools for governance, risk and compliance management in the cloud Technical pilots Provider certification through STAR program Control Requirements Provider Assertions
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance 2 Registered (December 2012) 30 Registered (April 2013)
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance DG 4.2: Do you have a documented procedure for responding to requests for tenant data from governments or third parties? Amazon AWS AWS errs on the side of protecting customer privacy and is vigilant in determining which law enforcement requests we must comply with. AWS does not hesitate to challenge orders from law enforcement if we think the orders lack a solid basis. Box.net Box does have documented procedures for responding to requests for tenant data from governments and third parties. SHI Customer responsibility. SHI has no direct access, so requests for data through third parties will be responded to by the customer themselves, however, SHI can sanitize and delete customer data upon migration from the cloud. Verizon/Terremark Yes
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance OPEN CERTIFICATION FRAMEWORK CONTINUOUS ATTESTATION | CERTIFICATION SELF ASSESSMENT TRANSPERANCY ASSURANCE
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Clear GRC objectives 3rd Party Assessment Real time, continuous monitoring + + Self Assessment +
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2012 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2012 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Our research includes fundamental projects needed to define and implement trust within the future of information technology CSA continues to be aggressive in producing critical research, education and tools Copyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Previously known as Trusted Cloud Initiative Security reference architecture for cloud Architecture in use by early adopters of cloud in Global 2000 Cloud brokering To do: Management tools Technical implementation guides Documented case studies & use cases
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) Benchmark of cloud security competency Online web-based examination www.cloudsecurityalliance.org/certifyme Training partnerships Developing new curriculum for audit, software development and architecture Partnership with (ISC)2 for cloud security architecture certification
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Please contact Jim Reavis at jreavis@cloudsecurityalliance. org for more information on the Cloud Security Alliance I will see you at the CSA EMEA Congress, September 24-26 in Edinburgh Copyright © 2013 Cloud Security Alliance https://cloudsecurityalliance.org/events/csa-emea-congress-2013/
www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance

More Related Content

PDF
CSA Argentina - Jornada CXO Cloud
CSA Argentina
 
PDF
Winning Strategy For Hybrid Cloud Environments
Carl De Groote
 
PDF
Global Mandate to Secure Cloud Computing
CloudSecurityAllianceAustralia
 
PPTX
Lss implementing cyber security in the cloud, and from the cloud-feb14
L S Subramanian
 
PPTX
CSA Atlanta Chapter Meeting Q1'2013 and RSA Conference 2013 CSA Announcements
Phil Agcaoili
 
PDF
EveryCloud_Company_Intro_Piece
Paul Richards
 
PDF
Brink sanders cisco architecture keynote
Nur Shiqim Chok
 
PPTX
Cloud Security
The TNS Group
 
CSA Argentina - Jornada CXO Cloud
CSA Argentina
 
Winning Strategy For Hybrid Cloud Environments
Carl De Groote
 
Global Mandate to Secure Cloud Computing
CloudSecurityAllianceAustralia
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
L S Subramanian
 
CSA Atlanta Chapter Meeting Q1'2013 and RSA Conference 2013 CSA Announcements
Phil Agcaoili
 
EveryCloud_Company_Intro_Piece
Paul Richards
 
Brink sanders cisco architecture keynote
Nur Shiqim Chok
 
Cloud Security
The TNS Group
 

What's hot (20)

PDF
Introduction to Cloud Security
Susanne Tedrick
 
PPTX
Seclore for McAfee MVISION Cloud
Seclore
 
PDF
Laser Pioneer Secures Network End-to-End to Protect Assets
Cisco Security
 
PDF
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
PPTX
Cloud Managed Services: Cloud Infrastructure
The TNS Group
 
PPTX
2012 10 cloud security architecture
Vladimir Jirasek
 
PPTX
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
PDF
The New Economics of Cloud Security
Alert Logic
 
PDF
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
YounesChafi1
 
PDF
CSA Security Guidance Cloud Computing v3.0
CloudSecurityAllianceAustralia
 
PPTX
C-Level tools for Cloud security
Vladimir Jirasek
 
PDF
Forcepoint Dynamic Data Protection
MarketingArrowECS_CZ
 
PDF
Security Everywhere: A Growth Engine for the Digital Economy
Cisco Russia
 
PDF
Security, Compliance and Cloud - Jelecos
Erin_Jelecos
 
PDF
CSA & GRC Stack
CloudSecurityAllianceAustralia
 
PPTX
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 
PPTX
ATA meetup - Feb 2020 - DevSecOps
Alex Altman
 
PDF
Qualys Suite
fepinette
 
PPTX
CipherCloud's Solutions for Salesforce Chatter
CipherCloud
 
PPTX
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Cristian Garcia G.
 
Introduction to Cloud Security
Susanne Tedrick
 
Seclore for McAfee MVISION Cloud
Seclore
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Cisco Security
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
Cloud Managed Services: Cloud Infrastructure
The TNS Group
 
2012 10 cloud security architecture
Vladimir Jirasek
 
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
The New Economics of Cloud Security
Alert Logic
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
YounesChafi1
 
CSA Security Guidance Cloud Computing v3.0
CloudSecurityAllianceAustralia
 
C-Level tools for Cloud security
Vladimir Jirasek
 
Forcepoint Dynamic Data Protection
MarketingArrowECS_CZ
 
Security Everywhere: A Growth Engine for the Digital Economy
Cisco Russia
 
Security, Compliance and Cloud - Jelecos
Erin_Jelecos
 
CSA & GRC Stack
CloudSecurityAllianceAustralia
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 
ATA meetup - Feb 2020 - DevSecOps
Alex Altman
 
Qualys Suite
fepinette
 
CipherCloud's Solutions for Salesforce Chatter
CipherCloud
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Cristian Garcia G.
 
Ad

Viewers also liked (8)

PDF
JP UAE DL
Jitu Patil
 
PDF
The Evolution of Design Thinking Edoardo Stecca 848179
Edoardo Stecca
 
PDF
HGForex_IB_ES
José Alberto Huerta González
 
DOCX
Updated Afaq CV
Afaq Ahmed
 
PDF
Thoughts from WiML 2015 and NIPS 2015
Jayani Withanawasam
 
PPT
Modulo 2 jigsaw classroom 8.9.2014
webicferno
 
PPTX
Using Business Intelligence to Bring Your Data to Life
InnoTech
 
PDF
Paper 4 (ali mansouri)
Nadeem Shafique Butt
 
JP UAE DL
Jitu Patil
 
The Evolution of Design Thinking Edoardo Stecca 848179
Edoardo Stecca
 
HGForex_IB_ES
José Alberto Huerta González
 
Updated Afaq CV
Afaq Ahmed
 
Thoughts from WiML 2015 and NIPS 2015
Jayani Withanawasam
 
Modulo 2 jigsaw classroom 8.9.2014
webicferno
 
Using Business Intelligence to Bring Your Data to Life
InnoTech
 
Paper 4 (ali mansouri)
Nadeem Shafique Butt
 
Ad

Similar to Global Efforts to Secure Cloud Computing (20)

PDF
Why CSA Australia
CloudSecurityAllianceAustralia
 
PPTX
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
SOASTA
 
PPTX
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
SOASTA
 
PDF
Zero trust strategy: cloud security by design
accenture
 
PDF
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
PDF
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Mark Silverberg
 
PDF
Cloud Architect Company in India
Regumsoft Technologies
 
PDF
Is the Cloud ready for Your Firm?
SS&C Advent
 
PPTX
Webinar: CYREN WebSecurity for Enterprise
Cyren, Inc
 
PPTX
2014 2nd me cloud conference trust in the cloud v01
promediakw
 
PDF
EveryCloud_Company_Intro_Piece
Keith Purves
 
PDF
Keys to success and security in the cloud
Scalar Decisions
 
PDF
Keys-to-Success-and-Security-in-the-Cloud
patmisasi
 
PDF
Secure Your Sky_ Mastering Cloud Web Security.pdf
NK Carpenter
 
PPT
3245224.ppt
ahmad21315
 
PDF
Advantages of Cloud Computing for Business
Grazitti Interactive
 
PPTX
Top 5 predictions webinar
Zscaler
 
PDF
Building a Resilient Cloud Security Architecture: Types, Challenges, and Best...
Cyntexa
 
PDF
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
 
PDF
Appi fi
AirTight Networks
 
Why CSA Australia
CloudSecurityAllianceAustralia
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
SOASTA
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
SOASTA
 
Zero trust strategy: cloud security by design
accenture
 
CCSK, cloud security framework, Indonesia
Wise Pacific Venture
 
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Mark Silverberg
 
Cloud Architect Company in India
Regumsoft Technologies
 
Is the Cloud ready for Your Firm?
SS&C Advent
 
Webinar: CYREN WebSecurity for Enterprise
Cyren, Inc
 
2014 2nd me cloud conference trust in the cloud v01
promediakw
 
EveryCloud_Company_Intro_Piece
Keith Purves
 
Keys to success and security in the cloud
Scalar Decisions
 
Keys-to-Success-and-Security-in-the-Cloud
patmisasi
 
Secure Your Sky_ Mastering Cloud Web Security.pdf
NK Carpenter
 
3245224.ppt
ahmad21315
 
Advantages of Cloud Computing for Business
Grazitti Interactive
 
Top 5 predictions webinar
Zscaler
 
Building a Resilient Cloud Security Architecture: Types, Challenges, and Best...
Cyntexa
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
 
Appi fi
AirTight Networks
 

More from InnoTech (20)

PDF
"So you want to raise funding and build a team?"
InnoTech
 
PDF
Artificial Intelligence is Maturing
InnoTech
 
PDF
What is AI without Data?
InnoTech
 
PDF
Courageous Leadership - When it Matters Most
InnoTech
 
PPTX
The Gathering Storm
InnoTech
 
PPTX
Sql Server tips from the field
InnoTech
 
PPTX
Quantum Computing and its security implications
InnoTech
 
PPSX
Converged Infrastructure
InnoTech
 
PPTX
Making the most out of collaboration with Office 365
InnoTech
 
PPTX
Blockchain use cases and case studies
InnoTech
 
PPTX
Blockchain: Exploring the Fundamentals and Promising Potential
InnoTech
 
PDF
Business leaders are engaging labor differently - Is your IT ready?
InnoTech
 
PDF
AI 3.0: Is it Finally Time for Artificial Intelligence and Sensor Networks to...
InnoTech
 
PDF
User requirements is a fallacy
InnoTech
 
PDF
What I Wish I Knew Before I Signed that Contract - San Antonio
InnoTech
 
PPTX
Disaster Recovery Plan - Quorum
InnoTech
 
PPTX
Share point saturday access services 2015 final 2
InnoTech
 
PDF
Sp tech festdallas - office 365 groups - planner session
InnoTech
 
PPTX
Power apps presentation
InnoTech
 
PPTX
Using rest to create responsive html 5 share point intranets
InnoTech
 
"So you want to raise funding and build a team?"
InnoTech
 
Artificial Intelligence is Maturing
InnoTech
 
What is AI without Data?
InnoTech
 
Courageous Leadership - When it Matters Most
InnoTech
 
The Gathering Storm
InnoTech
 
Sql Server tips from the field
InnoTech
 
Quantum Computing and its security implications
InnoTech
 
Converged Infrastructure
InnoTech
 
Making the most out of collaboration with Office 365
InnoTech
 
Blockchain use cases and case studies
InnoTech
 
Blockchain: Exploring the Fundamentals and Promising Potential
InnoTech
 
Business leaders are engaging labor differently - Is your IT ready?
InnoTech
 
AI 3.0: Is it Finally Time for Artificial Intelligence and Sensor Networks to...
InnoTech
 
User requirements is a fallacy
InnoTech
 
What I Wish I Knew Before I Signed that Contract - San Antonio
InnoTech
 
Disaster Recovery Plan - Quorum
InnoTech
 
Share point saturday access services 2015 final 2
InnoTech
 
Sp tech festdallas - office 365 groups - planner session
InnoTech
 
Power apps presentation
InnoTech
 
Using rest to create responsive html 5 share point intranets
InnoTech
 

Recently uploaded (20)

PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
KodekX | Application Modernization Development
KodekX
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Cloud computing and distributed systems.
kkkkkhan
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
KodekX | Application Modernization Development
KodekX
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Approach and Philosophy of On baking technology
30anthuong17
 

Global Efforts to Secure Cloud Computing

Editor's Notes

  • #10: Will my provider be transparent about how they manage their systems, organization governance, etc?Will I be considered compliant?Do I know where my data is?Will a lack of standards drive unexpected obsolescence? Is my provider really better at security than me?Are the hackers waiting for me in the cloud?Will I get fired?How can we gracefully “lose control” of IT
  • #17: The CSA Security, Trust & Assurance Registry (STAR) is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping users assess the security of cloud providers they currently use or are considering contracting with.CSA STAR is open to all cloud providers, and allows them to submit self assessment reports that document compliance to CSA published best practices. The searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator.
  • #19: Sample entry from Verizon Terremark
  • #20: We can start having fun scrutinizing entries!