Definition

Security, Trust and Assurance Registry (STAR)

WhatIs.com
Follow:
Contributor(s): Marcia Savage
This definition is part of our Essential Guide: How to evaluate, choose and work securely with cloud service providers

The Security, Trust and Assurance Registry (STAR) is an online registry of cloud provider security controls. 

STAR was launched by the Cloud Security Alliance, a nonprofit group of vendors, consultants and practitioners in August 2011. The goal of the registry, which is freely accessible, is to increase cloud provider transparency by making self-assessments provided by cloud providers publicly available. Cloud customers can use STAR to research the security practices of participating cloud providers.

To participate in the registry, cloud providers can submit a report documenting their compliance with the CSA’s Cloud Controls Matrix, which provides a controls framework. Or providers can opt to submit a Consensus Assessments Initiative Questionnaire (CAIQ), a list developed by the CSA of more than 140 questions a cloud customer might ask a cloud provider.

In the fall of 2011, the CSA announced that Google, Verizon, Intel, McAfee and Microsoft plan to participate in STAR. In December, a preview of the registry became available with CAIQs for Microsoft Office 365 and cloud-based managed security provider Solutionary.

This was last updated in February 2012

Continue Reading About Security, Trust and Assurance Registry (STAR)

Start the conversation

Send me notifications when other members comment.

Register

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close