3. Developed first comprehensive best practices for secure cloud computing,
Security Guidance for Critical Areas of Focus for Cloud Computing
(updated October 2011)
First and only user certification for cloud security, the CCSK
(Certificate of Cloud Security Knowledge, September 2010)
Tools for managing Governance, Risk and Compliance in the Cloud
Registry of cloud provider security practices, the CSA STAR
(Security, Trust & Assurance Registry, Q4 2011)
First and only multi-tenant security controls framework adapted for cloud (CSA
CCM)
Industry leading security practices, education and tools developed by 20+
working groups
Selection of CSA venue by US White House to announce the US Federal Cloud
Strategy in 2011
Leadership in developing new security standards addressing cloud computing
Trusted advisor to governments and Global 2000 firms around the world
“To promote the use of best practices for providing security assurance within Cloud
Computing, and provide education on the uses of Cloud Computing to help
secure all other forms of computing.”
www.cloudsecurityalliance.org
Research is the crown jewel of CSAThe objective of CSA research is to develop best practices, guidelines, white papers and frameworks that will be conducive in building trust into the CloudAs a result, consumers can go to the cloud securely with confidence. Cloud service provider can use our work as a baseline to address interoperability and security issues, where assurance is assessable continuously and automatically. Switching costs to consumers is reduced to a minimum and a dynamic cloud eco-system is hence created to allow for acceleration of cloud adoption
The CSA Guidance is our flagship research that provides a broad catalog of best practices. It contains 13 domains to address both broad governance and specific operational issues. This Guidance is used as a foundation for the other research projects in the following slides that relate to compliance.
Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates