Cloud Computing Strategies for the CIO
Email Alerts
-
CSA launches cloud security certification initiative for service providers
Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification. News | 10 May 2012
-
CSA at RSA 2012: International cloud computing security standards needed
Cloud providers and security experts discuss need for uniform rules that apply across international boundaries News | 27 Feb 2012
-
Cloud computing security issues on tap at RSA Conference 2012
Data privacy, cloud security standards among the topics to be discussed. News | 16 Feb 2012
-
FedRAMP cloud computing standards initiative spurs optimism, criticism
Federal cloud security framework aims to speed cloud security assessments and agency cloud adoption. News | 12 Jan 2012
-
Federal officials launch cloud computing security standards initiative
FedRAMP establishes standard approach for federal agencies to assess cloud providers. News | 08 Dec 2011
-
CSA Congress roundup: Cloud SLAs, compliance and 7 dirty words
Topics highlight array of cloud security challenges News | 18 Nov 2011
-
Updated CSA guidance offers tips, advice on cloud-based security
Updated CSA guidance offers practical tips and advice on cloud-based security News | 17 Nov 2011
-
Cloud risk management: CSA on its Cloud Controls Matrix
Co-chair of CSA project talks about the CCM and how organizations can leverage it. News | 03 Oct 2011
-
CSA cloud provider registry aims to boost cloud transparency
Free online registry will provide documentation of cloud provider security controls. News | 04 Aug 2011
-
ISACA releases cloud computing governance guide
Guide explains how organizations can leverage COBIT to manage their cloud computing environments. News | 25 Jul 2011
- See More: News on Cloud Computing Frameworks and Standards
-
Development of NIST cloud security guidelines a complex process
Several public-private partnerships are working to develop specifications to support the NIST roadmap. Tip
-
Using SSAE 16 standard, SOC reports to assess cloud provider security
The SAS 70 report has been replaced by the SSAE 16, but how does it stack up as a tool to measure a provider’s security? Tip
-
NIST guidance cites cloud security gaps, need for standards
The NIST roadmap was designed to foster government cloud adoption but is helpful for private businesses as well. Tip
-
Book chapter: Cloud security assessment techniques
In this book chapter from Securing the Cloud, author J.R. “Vic” Winkler provides tools that can be used to evaluate the security of a cloud provider. Tip
-
Cloud security standards provide assessment guidelines
The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls. Tip
-
Secure cloud computing how-to documents
Ernie Hayden explains where providers should go to obtain the guidance necessary to manage security in a cloud computing project. Tip
-
SSAE 16
SSAE 16, also called Statement on Standards for Attestation Engagements 16, is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service compan... Definition
-
Cloud Controls Matrix
The Cloud Controls Matrix is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider. Definition
-
CloudAudit
CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks. The specification provides a standard way to present and share detailed, automated statistics about performan... Definition
-
Trusted Cloud Initiative
The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and pract... Definition
-
Tim Rains on cloud computing security standards, provider transparency
In this video from RSA Conference 2012, Microsoft’s Tim Rains talks about emerging cloud security standards efforts and customers need for visibility into cloud provider security. Video
-
Jose Granado on securing cloud computing, data management
Ernst & Young’s Americas security services chief discusses securing cloud computing, data management in the cloud and cloud security standards. Video
-
Gartner’s Neil MacDonald on lacking cloud computing security standards
The Gartner VP discusses lacking cloud computing security standards, as well as advice for enterprises seeking to get a handle on cloud computing security. Video
-
Google Apps security director discusses compliance within the cloud
Google Apps Security Director, Eran Feigenbaum discusses compliance within the cloud, including his thoughts on emerging cloud security standards. Video
-
CSA launches cloud security certification initiative for service providers
Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification. News
-
SSAE 16
SSAE 16, also called Statement on Standards for Attestation Engagements 16, is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service compan... Definition
-
Tim Rains on cloud computing security standards, provider transparency
In this video from RSA Conference 2012, Microsoft’s Tim Rains talks about emerging cloud security standards efforts and customers need for visibility into cloud provider security. Video
-
CSA at RSA 2012: International cloud computing security standards needed
Cloud providers and security experts discuss need for uniform rules that apply across international boundaries News
-
Development of NIST cloud security guidelines a complex process
Several public-private partnerships are working to develop specifications to support the NIST roadmap. Tip
-
Using SSAE 16 standard, SOC reports to assess cloud provider security
The SAS 70 report has been replaced by the SSAE 16, but how does it stack up as a tool to measure a provider’s security? Tip
-
Cloud computing security issues on tap at RSA Conference 2012
Data privacy, cloud security standards among the topics to be discussed. News
-
FedRAMP cloud computing standards initiative spurs optimism, criticism
Federal cloud security framework aims to speed cloud security assessments and agency cloud adoption. News
-
Federal officials launch cloud computing security standards initiative
FedRAMP establishes standard approach for federal agencies to assess cloud providers. News
-
NIST guidance cites cloud security gaps, need for standards
The NIST roadmap was designed to foster government cloud adoption but is helpful for private businesses as well. Tip
- See More: All on Cloud Computing Frameworks and Standards
About Cloud Computing Frameworks and Standards
Lack of transparency is a common criticism lodged against cloud service providers, but several standards programs and frameworks aim to solve that problem. Learn about emerging cloud computing standards and cloud computing frameworks, such as the Cloud Security Alliance's GRC stack and government standards programs like FedRAMP.