BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The Security, Trust and Assurance Registry (STAR) is an online registry of cloud provider security controls.
STAR was launched by the Cloud Security Alliance, a nonprofit group of vendors, consultants and practitioners in August 2011. The goal of the registry, which is freely accessible, is to increase cloud provider transparency by making self-assessments provided by cloud providers publicly available. Cloud customers can use STAR to research the security practices of participating cloud providers.
To participate in the registry, cloud providers can submit a report documenting their compliance with the CSA’s Cloud Controls Matrix, which provides a controls framework. Or providers can opt to submit a Consensus Assessments Initiative Questionnaire (CAIQ), a list developed by the CSA of more than 140 questions a cloud customer might ask a cloud provider.
In the fall of 2011, the CSA announced that Google, Verizon, Intel, McAfee and Microsoft plan to participate in STAR. In December, a preview of the registry became available with CAIQs for Microsoft Office 365 and cloud-based managed security provider Solutionary.
Continue Reading About Security, Trust and Assurance Registry (STAR)
- Moving to PaaS: Security Options to Look For in a Public Kubernetes Service –IBM
- HPE Nimble: How to Guarantee Capacity and Performance for All-Flash Storage ... –HPE
- See More
- Top 5 Misconceptions About the Infrastructure Behind Cloud-Based Security –Forcepoint
- February Technical Guide on Cloud Compliance –SearchSecurity.com