(206) 838-5400
Contact Us
Hubspan Connections Blog
 
Sign up for our free expert email series
 
Contact Us

See how Hubspan can help solve your integration challenges.

verification image, type it in the box

* marks required field

 
Case Studies
Hubspan Survey
 
« Back to Hubspan Connections Blog

CSA: Driving Best Practices in Cloud Security

Posted by on September 19, 2011

It is always a healthy exercise to test our theories and biases about how we think the world should work against the facts that present themselves.  The Cloud Security Alliance (CSA) has worked to encourage responsible adoption of cloud computing, in large part by leveraging our catalog of security best practices.

Our premise at CSA is cloud computing is sure to be the dominant foundation of information systems in the future.  We believe that today, in the aggregate, cloud computing is a more efficient, reliable, economical and – yes, more secure alternative to traditional IT options.

The analyst firm Aberdeen Group recently conducted research to understand how broadly the Cloud Security Alliance’s best practices were being adopted by the industry.  Their findings were heartening. Not only did they find the practices being used significantly, but their usage was measurably improving the industry’s security posture.

One of our newest initiatives is CSA STAR (Security, Trust and Assurance Registry).  The purpose of this registry is to provide a repository for cloud providers to post information about their security practices that can be scrutinized publicly.  We think this information will be enormously useful for customers, both for assisting in service procurement as well as in understanding the additional controls they may be responsible for employing to assure they attain the appropriate level of security.

We think that providers will compete to provide better security, and that market forces will continue to improve the resiliency of the cloud.

This initiative complements are previous work around cloud security guidance, which is in its third version, a cloud controls matrix, PCI DSS compliance training, and our certificate of cloud security knowledge.  These materials are relevant to both cloud providers and companies evaluating or using cloud solutions.

CSA will continue to drive guidance and programs to help create a culture of cloud security best practice. We hope these can serve as a basis for your own cloud policies and best practices.

 

In my next blog, I will discuss some fallacies of when clouds go “down”. 

Tags: , , ,

No Comments »

No comments yet.

Leave a comment

© 2012. All rights reserved.



Site by Portent, an Internet Marketing Company