Cloud Computing Frameworks and Standards

Cloud Computing Frameworks and Standards News

April 12, 2017 12 Apr'17
Symantec CA woes debated by browser community

Compliance with CA/B Forum Baseline Requirements was debated after Symantec CA posted responses to 14 issues raised by Mozilla developers.
October 21, 2016 21 Oct'16
EU-U.S. Privacy Shield certification process picks up steam, slowly

After a slow start, some U.S. companies are starting to address the questions and challenges of EU-U.S. Privacy Shield certification. But most haven't started the process.
February 03, 2016 03 Feb'16
Privacy Shield to replace Safe Harbor framework

The EU and U.S. agree on Privacy Shield as the replacement for the Safe Harbor framework for transatlantic data flows, though questions remain over privacy protection details.
January 28, 2016 28 Jan'16
Industry group says FedRAMP certification process is 'broken'

An advocacy group representing cloud providers such as Hewlett Packard Enterprise and IBM has criticized FedRAMP and called on the government to fix the cloud certification program.

Bring yourself up to speed with our introductory content

cloud computing

Cloud computing is a general term for the delivery of hosted services over the internet. Continue Reading
software-defined perimeter (SDP)

Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity. Continue Reading
SSAE 16

The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (... Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

What's different about Google Asylo for confidential computing?

The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings. Continue Reading
How do SLAs factor into cloud risk management?

While you may not have much control over the infrastructure used by cloud service providers, you’re not completely at their mercy when it comes to cloud risk management. Continue Reading
Consider international cloud security standards, legal reqs

Whether you're accessing (or operating) the cloud from Miami, Milan or Mumbai, you need to ensure those services meet regional cloud security standards and legal requirements. Continue Reading

Learn to apply best practices and optimize your operations.

How shared cloud security assessments can benefit enterprises

Ensuring cloud security is a constant problem that shared cloud security assessments are trying to address. Learn about the benefits of sharing assessments with Nick Lewis. Continue Reading
The best cloud security certifications for IT professionals

There are a few options for infosec professionals looking for cloud security certifications. Expert Frank Siemons outlines the top choices available with a cloud focus. Continue Reading
Adding a cloud security policy to your overall IT defense strategy

Enterprises should consider a cloud security policy in the wake of more services moving to the cloud. Expert Mike Chapple examines how IT security standards can be reworked. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How enterprises should handle GDPR compliance in the cloud

GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland explains why it's not so different from on premises. Continue Reading
A guide to cloud security certifications for infosec pros

Both vendor-neutral and vendor-specific cloud security certifications have emerged as businesses shift toward cloud computing models that reduce TCO and expand computing capacity. Continue Reading
How are cloud threats abusing public cloud services?

Dropbox API abused by attackers posing as legitimate users in a huge spear phishing campaign. Expert Dan Sullivan explains how to mitigate the risks of these cloud threats. Continue Reading