June 27, 2010 Leave a comment
If you haven’t come across the CSA before, then here’s a brief introduction and few interesting bits to go with it….
Who are they?
“The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, the Cloud Security Alliance Web site is www.cloudsecurityalliance.org.”
Trusted Security Certification
Novell and the Cloud Security Alliance (CSA) announced in March 2010 the vendor-neutral initiative for the Trusted Security Certification program. I’m not sure how busy they are with this in the background, but I’m certainly hopeful that this will help to drive cloud adoption. Of course – once the certification exists, vendors need to adopt and comply, otherwise, it’s just going to be another certification with no weight. This is most certainly a topic I’ll be keeping an eye on. Read more here..
You can download and read (or glance over) v2.1 of the “Security Guidance for Critical Areas of Focus in Cloud Computing” document for some very helpful information if you feel a little lost when people are talking about cloud-computing and what it entails. This document deals with 3 main (and very important) areas being: architecture, governance and operations.
Another useful document to scan/read is Top Threats to Cloud Computing. CSA have done a good job of summarizing some of the threats and categorizing in a fairly quick and easy way to digest.
Keep it going…
The CSA might not be the only organization out there trying to guide security standards for cloud computing, however, they are most certainly an important one which makes them an organization worth mining for information on a regular basis.