Cloud Computing Strategies for the CIO
Email Alerts
-
Guide: Examining cloud computing security standards, guidelines
Providing security assurance in cloud computing environments isn’t easy. This mini learning guide outlines a variety of could computing security standards and guidelines, including CSA’s STAR, NIST’s SP500 and the SSAE16 auditing standard and explain... guide
-
Cloud Security Tutorials and Learning Guides
guide
-
(ISC)2, CSA partner on new cloud security certification
The yet-unnamed certification will seek to validate skills of cloud security pros, but it's unclear how it may complement or overlap with existing certs. News | 26 Apr 2013
-
CSA offers new initiatives to address SMB cloud security issues
In response to growing SMB cloud security issues, the Cloud Security Alliance announced a new working group and membership level focused on SMBs. News | 26 Apr 2013
-
Cloud security key to BYOD, (ISC)2 study shows
(ISC)2 says businesses welcome bring your own device (BYOD) policies for cost savings and user experience, but need the right security skills News | 16 Jan 2013
-
Cloud Security Alliance tackles big data security
CSA will work with Fujitsu Laboratories of America on best practices, standards for securing big data. News | 31 Aug 2012
-
AWS security now documented in CSA STAR
Amazon Web Services has filed details on its security controls with Cloud Security Alliance online registry, showing a new level of transparency. News | 24 Jul 2012
-
FedRAMP cloud security 3PAO on process, goals for program
Todd Coen of Dynamic Research Corporation talks about what 3PAOs will do and what happens next with FedRAMP. News | 30 May 2012
-
Google Apps for Business wins ISO 27001 certification
Google Apps for Business has earned ISO 27001 certification, a move welcomed by analysts and the UK cloud computing industry. News | 30 May 2012
-
CSA launches cloud security certification initiative for service providers
Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification. News | 10 May 2012
-
CSA at RSA 2012: International cloud computing security standards needed
Cloud providers and security experts discuss need for uniform rules that apply across international boundaries News | 27 Feb 2012
-
Cloud computing security issues on tap at RSA Conference 2012
Data privacy, cloud security standards among the topics to be discussed. News | 16 Feb 2012
- See more News on Cloud Computing Frameworks and Standards
-
NIST cloud security spec addresses cloud geolocation, data security
The new NIST cloud security proof-of-concept implementation details how to manage workloads based on cloud geolocation data. Tip
-
Development of NIST cloud security guidelines a complex process
Several public-private partnerships are working to develop specifications to support the NIST roadmap. Tip
-
Using SSAE 16 standard, SOC reports to assess cloud provider security
The SAS 70 report has been replaced by the SSAE 16, but how does it stack up as a tool to measure a provider’s security? Tip
-
NIST guidance cites cloud security gaps, need for standards
The NIST roadmap was designed to foster government cloud adoption but is helpful for private businesses as well. Tip
-
Book chapter: Cloud security assessment techniques
In this book chapter from Securing the Cloud, author J.R. “Vic” Winkler provides tools that can be used to evaluate the security of a cloud provider. Tip
-
Cloud security standards provide assessment guidelines
The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls. Tip
-
Secure cloud computing how-to documents
Ernie Hayden explains where providers should go to obtain the guidance necessary to manage security in a cloud computing project. Tip
-
FedRAMP 3PAO (third-party assessment organization)
A 3PAO is an organization that has been certified to help cloud service providers and government agencies meet FedRAMP compliance regulations. 3PAO stands for Third Party Assessment Organization. Definition
-
Trusted Cloud Initiative
The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and pract... Definition
-
SSAE 16
SSAE 16, also called Statement on Standards for Attestation Engagements 16, is a regulation created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) for redefining and updating how service compan... Definition
-
Cloud Controls Matrix
The Cloud Controls Matrix is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider. Definition
-
CloudAudit
CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks. The specification provides a standard way to present and share detailed, automated statistics about performa... Definition
-
cloud computing
A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as little of a service as they want at any given... Definition
-
On cloud transparency, providers offering 'too much information'
Video: Cloud Security Alliance COO John Howie discusses improvements in providers' efforts at cloud transparency, including when data crosses borders. Video
-
John Howie discusses CSA initiatives, cloud adoption issues at RSA
Video: John Howie, COO of the Cloud Security Alliance, discusses the ongoing initiatives at the CSA and how to overcome cloud adoption issues. Video
-
Video: Founder of Common Assurance Maturity Model on CSP rating system
CAMM founder Raj Samani describes CAMM’s vision of a cloud service provider rating system to match customer organizations with CSPs. Video
-
Tim Rains on cloud computing security standards, provider transparency
In this video from RSA Conference 2012, Microsoft’s Tim Rains talks about emerging cloud security standards efforts and customers need for visibility into cloud provider security. Video
-
Jose Granado on securing cloud computing, data management
Ernst & Young’s Americas security services chief discusses securing cloud computing, data management in the cloud and cloud security standards. Video
-
Gartner’s Neil MacDonald on lacking cloud computing security standards
The Gartner VP discusses lacking cloud computing security standards, as well as advice for enterprises seeking to get a handle on cloud computing security. Video
-
Google Apps security director discusses compliance within the cloud
Google Apps Security Director, Eran Feigenbaum discusses compliance within the cloud, including his thoughts on emerging cloud security standards. Video
-
FedRAMP 3PAO (third-party assessment organization)
A 3PAO is an organization that has been certified to help cloud service providers and government agencies meet FedRAMP compliance regulations. 3PAO stands for Third Party Assessment Organization. Definition
-
On cloud transparency, providers offering 'too much information'
Video: Cloud Security Alliance COO John Howie discusses improvements in providers' efforts at cloud transparency, including when data crosses borders. Video
-
(ISC)2, CSA partner on new cloud security certification
The yet-unnamed certification will seek to validate skills of cloud security pros, but it's unclear how it may complement or overlap with existing certs. News
-
CSA offers new initiatives to address SMB cloud security issues
In response to growing SMB cloud security issues, the Cloud Security Alliance announced a new working group and membership level focused on SMBs. News
-
John Howie discusses CSA initiatives, cloud adoption issues at RSA
Video: John Howie, COO of the Cloud Security Alliance, discusses the ongoing initiatives at the CSA and how to overcome cloud adoption issues. Video
-
Cloud security key to BYOD, (ISC)2 study shows
(ISC)2 says businesses welcome bring your own device (BYOD) policies for cost savings and user experience, but need the right security skills News
-
NIST cloud security spec addresses cloud geolocation, data security
The new NIST cloud security proof-of-concept implementation details how to manage workloads based on cloud geolocation data. Tip
-
Cloud Security Alliance tackles big data security
CSA will work with Fujitsu Laboratories of America on best practices, standards for securing big data. News
-
AWS security now documented in CSA STAR
Amazon Web Services has filed details on its security controls with Cloud Security Alliance online registry, showing a new level of transparency. News
-
Guide: Examining cloud computing security standards, guidelines
Providing security assurance in cloud computing environments isn’t easy. This mini learning guide outlines a variety of could computing security standards and guidelines, including CSA’s STAR, NIST’s SP500 and the SSAE16 auditing standard and explain... guide
- See more All on Cloud Computing Frameworks and Standards
About Cloud Computing Frameworks and Standards
Lack of transparency is a common criticism lodged against cloud service providers, but several standards programs and frameworks aim to solve that problem. Learn about emerging cloud computing standards and cloud computing frameworks, such as the Cloud Security Alliance's GRC stack and government standards programs like FedRAMP.