New standard claims to alleviate cloud security concerns
- 01 October, 2013 15:51
The Cloud Security Alliance (CSA) and BSI have launched a technology-neutral certification they claim provides an additional layer of transparency around security controls used by cloud service providers.
Under the STAR Certification program, service providers will be able to give prospective users a greater understanding of their levels of security controls, the CSA and BSI said in a statement.
The new certification is based on achieving ISO/IEC 27001 and the criteria outlined in the Cloud Controls Matrix, a set of criteria that measures the capability levels of a cloud service.
There are 11 control points in this matrix including compliance, data governance, facility security, human resources, information security, legal, operations management, risk management, release management, resiliency and security architecture.
An independent assessment by an accredited body will assign a ‘management capability score’ to each of the 11 control points and each control is scored on a specific maturity and will be measured against five management principles, the companies said.
Nick Koukoulas, managing director at BSI (incorporating NCSI), said consumers and cloud providers have been asked for an independent, technology-neutral certification “to help them make more informed decisions about the services they purchase and use”.
“Many organisations are wary of cloud services due to a variety of security concerns. STAR Certification will help alleviate this problem, as it will provide organisations and consumers with a clear benchmark on which to evaluate the performance of a cloud service provider,” he said.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- Virtualisation and Cloud Computing: Optimised Power, Cooling and Management Maximises Benefits
- Best Practices to Make BYOD Simple and Secure
- Deploying Flash in the Enterprise: Cost Comparison
- Top 10 tips for Migration
- Power of Three: Building Mobile Initiatives Guided by Business Goals, Technology and Governance
- NAB plans customer migration to NextGen platform
- A/NZ College of Anaesthetists to expand campus security monitoring
- Credit Union Australia signs Good Technology to secure 400 devices
- Taxi startup ingogo hails $3.4 million in latest funding round
- Updated: Federal Court dismisses Aust Post trade mark appeal
Amazon drones are 'fantasy,' says eBay CEO
Training critical to Australia tapping broadband potential: CSIRO
US faces major Internet image problem, former gov't official says
Why CIOs stick with cloud computing despite NSA snooping scandal
Telstra hits 300 Mbps in LTE-A trial