Essential Guide

Browse Sections

How to evaluate cloud providers
The realities of working with a cloud provider
Cloud provider metrics and controls
Expert advice for potential CSP customers
- Guard security with a careful cloud provider evaluation
- What cloud providers' customers must know about security standards and provider visibility
Do you know cloudspeak?

BACKGROUND IMAGE: iSTOCK/GETTY IMAGES

This content is part of the Essential Guide: How to evaluate, choose and work securely with cloud service providers

Definition

Security, Trust and Assurance Registry (STAR)

WhatIs.com

Contributor(s): Marcia Savage

The Security, Trust and Assurance Registry (STAR) is an online registry of cloud provider security controls.

STAR was launched by the Cloud Security Alliance, a nonprofit group of vendors, consultants and practitioners in August 2011. The goal of the registry, which is freely accessible, is to increase cloud provider transparency by making self-assessments provided by cloud providers publicly available. Cloud customers can use STAR to research the security practices of participating cloud providers.

To participate in the registry, cloud providers can submit a report documenting their compliance with the CSA’s Cloud Controls Matrix, which provides a controls framework. Or providers can opt to submit a Consensus Assessments Initiative Questionnaire (CAIQ), a list developed by the CSA of more than 140 questions a cloud customer might ask a cloud provider.

In the fall of 2011, the CSA announced that Google, Verizon, Intel, McAfee and Microsoft plan to participate in STAR. In December, a preview of the registry became available with CAIQs for Microsoft Office 365 and cloud-based managed security provider Solutionary.

This was last updated in February 2012

Continue Reading About Security, Trust and Assurance Registry (STAR)

CSA guidance offerse tips, advice on cloud-based security

CSA cloud provider registry aims to boost cloud transparency

Cloud Security Alliance STAR FAQ

Cloud risk management: CSA on its Cloud Controls Matrix

Essential Guide

Security, Trust and Assurance Registry (STAR)

Continue Reading About Security, Trust and Assurance Registry (STAR)

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchSecurity

Shutdown of federal security services puts private sector at risk

How to perform an ICS risk assessment in an industrial facility

Government cybersecurity at risk as shutdown lingers

SearchCloudComputing

Private cloud platforms step out of the shadows

Cloud disaster recovery services evolve, but gaps remain

Implement cloud failover, replication for workload protection

SearchAWS

Hotel chain bets on AWS migration for cloud IT strategy

CloudWatch Logs Insights won't replace third-party tools -- yet

AWS scoops up TSO Logic for cloud spend analysis

SearchCloudApplications

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

With progressive web applications, developers blur the lines

Web app development morphs as apps and websites merge

SearchServerVirtualization

The essential guide to open source virtualization platforms

Top 5 SCVMM PowerShell commands

Use branch office servers to support infrastructure expansion

SearchVMware

How VMware snapshots work and how to use them

Manage an ESXi firewall with PowerCLI and ESXCLI

Deploy a VM from a template with VMware PowerCLI

ComputerWeekly.com

APAC enterprises, analysts weigh in on IBM-Red Hat deal

Inside PropertyGuru’s DevOps journey

Singapore’s Redmart finds speed and agility with cloud ERP

Continue Reading About Security, Trust and Assurance Registry (STAR)

Related Terms

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.

File Extensions and File Formats