Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog

All Articles

Home
All Articles
Understanding Best-in-Class Cloud Security Measures and How to Evaluate Providers

Blog Published: 07/11/2011

By Fahim SiddiquiDespite a broader interest in cloud computing, many organizations have been reluctant to embrace the technology due to security concerns. While today’s businesses can benefit from cloud computing’s on-demand capacity and economies of scale, the model does require they relinquish ...

Watch Out for the Top 6 Cloud Gotchas!

Blog Published: 07/11/2011

By Margaret Dawson, VP of Product Management, HubspanI am a huge proponent of cloud-based solutions, but I also have a bailiwick for people who look to the cloud just for cloud’s sake, and do not take time to do the due diligence. While the cloud can bring strong technical, economic and business...

CSA Announces Licensing Agreement With CSC For Cloudtrust Protocol

Press Release Published: 07/06/2011

Cloud Trust Protocol Provides Enterprises with the Confidence To Bring More Sensitive and Valuable Business Functions to the Cloud Falls Church, VA – July 6, 2011 – Today the Cloud Security Alliance (CSA), a member-driven organization chartered with promoting the use of best practices for pr...

Security as a Service Initial Group Call set for July 5th

Press Release Published: 06/30/2011

The CSA Security as a Service (SecaaS) Working Group will have their first group call on July 5th. The purpose of their research will be to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to org...

Call for Volunteers to Upgrade the CSA Cloud Controls Matrix to v1.2

Press Release Published: 06/22/2011

We need smart, motivated volunteers and team leaders who are committed to an early August 2011 completion date. You can prepare yourself by checking out the current CSA Cloud Controls Matrix (v1.1) here: https://cloudsecurityalliance.org/research/projects/cloud-controls-matrix-ccm/ If you want to...

SecaaS Seeks Additional Input on Working Group Proposal

Press Release Published: 06/21/2011

**June 21, 2011 ** – Thank you to those who have contributed to the "Categories of Service" section of our working group proposal. We are still seeking input to all categories. For those who have recently expressed interest in getting involved, send me an email at [email protected]...

Telecom Working Group Charter Finalized

Press Release Published: 06/21/2011

**June 21, 2011 ** – The Cloud Security Alliance (CSA) would like to announce that a finalized Telecom Working Group (TWG) Charter is available to download on the Telecom Working Group page. The working group's web page has also been updated to include current leadership and contributing members....

How Public Cloud Providers Can Improve Their Trustworthiness

Blog Published: 06/16/2011

By Matthew GardinerWhen you meet someone you have never met for the first time, in a place you have never been to, do you trust him? Would you have him hold your wallet for you or would you share some sensitive personal information with him? Of course not. Obviously this person is not trusted b...

SecaaS Seeks Input on Working Group Proposal

Press Release Published: 06/07/2011

June 6, 2011– The Cloud Security Alliance is now soliciting input for the Security as a Service (SecaaS) Working Group’s “Categories of Service” section of their working group proposal. One of the group’s objectives is to define categories of cloud security services (and to what degree they mitig...

Updated Telecom Working Group Charter Available for Review

Press Release Published: 05/26/2011

May 26, 2011 – The Cloud Security Alliance would like to announce that a draft of the updated Telecom Working Group (TWG) Charter is now available for review. The new charter re-defines the scope of the TWG to allow more differentiation and synergy with the Security as a Service (SecaaS – Work Gr...

Call for volunteers to upgrade the CSA Cloud Controls Matrix to v1.2

Press Release Published: 05/23/2011

In less than one month we will begin creating the next version of the CSA Controls Matrix. Our goals are to (1) include more granular controls for IaaS, and (2) create more mappings between the matrix and other compliance frameworks, such as NERC CIP. We need smart, motivated volunteers and team...

Cloud Security Alliance Launches New Greater China Regional Coordinating Body

Press Release Published: 05/20/2011

Beijing, China –China Cloud Computing General Conference– May 20, 2011 – Today at the China Cloud Computing General Conference, the Cloud Security Alliance (CSA) announced the formation of a new Greater China Regional Coordinating Body, to facilitate the growing interest in best practices for clo...

Pamela Jones Harbour Joins Cloud Security Alliance as Co-Chair of Legal Working Group

Press Release Published: 05/16/2011

Former Federal Trade Commissioner Brings Significant Experience to Mission of Bridging the Gap Between Cloud Technology and the Law New York, NY – May 16, 2011 – The Cloud Security Alliance (CSA) announced that former Federal Trade Commissioner Pamela Jones Harbour has signed on as a co-chair of...

Security Standards – Why they are so Critical for the Cloud

Blog Published: 05/13/2011

By Matthew GardinerEveryone loves standards, right? When is the last time you heard a vendor proudly say that their product or service was closed and proprietary? However, it also seems that every time a new IT architecture sweeps through the market, this time one based on cloud models, the les...

OAuth - authentication & authorization for mobile applications

Blog Published: 05/06/2011

By Paul MadsenFederation is a model of identity management that distributes the various individual components of an identity operation amongst different actors. The presumption being that the jobs can be distributed according to which actors are best suited or positioned to take them on. For inst...

Who Moved My Cloud

Blog Published: 05/04/2011

by Allen Allison, Chief Security Officer at NaviSite (www.navisite.com)Managed cloud services are quickly being adopted by large enterprises. Organizations are increasingly embracing cloud technologies for core services like financial systems, IT infrastructure, online merchant sites, and messagi...

Cloud Computing and Device Security: The “Always Able” Era

Blog Published: 04/29/2011

By Mark Bregman, CTO of SymantecDevice Proliferation: Mobility and Security in the CloudChief Information Security Officers know instinctively that the world under their purview is undergoing a shift every bit as significant as the rise of the World Wide Web more than 15 years ago. The demand on ...

Cloud Security Alliance Announces Key Initiative in Development of Cloud Security Standards in Partnership with ISO/IEC

Press Release Published: 04/21/2011

CSA Establishes Category C Liaison Relationship with ISO/IEC JTC 1/SC 27 London, ENGLAND – #CSASummit at #InfosecUK– April 20, 2011 – At the CSA Summit at Infosecurity Europe, the Cloud Security Alliance (CSA) announced that it will have a key role in the development of cloud security and priva...

Is Tokenization or Encryption Keeping You Up at Night?

Blog Published: 04/20/2011

By Stuart Lisk, Senior Product Manager, HubspanAre you losing sleep over whether to implement tokenization or full encryption as your cloud security methodology? Do you find yourself lying awake wondering if you locked all the doors to your sensitive data? Your “sleepless with security” insomnia ...

Protect the API Keys to your Cloud Kingdom

Blog Published: 04/18/2011

API keys to become first class citizens of security policies, just like SSL keysBy Mark O’Neill, CTO, VordelMuch lip service is paid to protecting information in the Cloud, but the reality is often seat-of-the-pants Cloud security. Most organizations use some form of API keys to access their clou...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
165
166
167
169
171
172
173
Last »