• CCSK
  • Register for CSA Congress EMEA 2015
  • CCSK

News

June 18, 2015

The Cloud Security Alliance (CSA) has opened the call for papers for the 2015 CSA APAC Congress

The 2015 CSA APAC Congress will be held December 2-3rd in Guangzhou, China. CSA APAC Congress is the premium event for compelling presentations and interesting discussions about research, development, practice and trends related to cloud security. Attendees represent end-user, research and industry viewpoints, and there are plenty of networking and business opportunities throughout the event….

June 14, 2015

Cloud Security Alliance Expands Star Provider Certification Into China

Called CSA C-STAR Assessment, program brings increased security assurance to cloud service providers in the Greater China area based upon CSA global best practices; adoption already underway Guangzhou, CHINA, June 15, 2015 – The Cloud Security Alliance® (CSA) today announced the launch of CSA C-STAR Assessment, a technology-neutral assessment that leverages Chinese national standards to…

June 08, 2015

Call for Volunteers: Security Guidance for Critical Areas of Focus in Cloud Computing

The Cloud Security Alliance’s (CSA) Security Guidance for Critical Areas of Focus leverages the CSA Cloud Control Matrix and seeks to establish a stable, secure baseline for cloud operations. It acts as a practical, actionable road map to individuals looking to safely and securely adopt the cloud paradigm. Since its last revision in 2011, the…

See more news

Research

May 06, 2015

CSA Launches Best Practices for Mitigating Risks in Virtualized Environments

At this year’s RSA Conference, the Cloud Security Alliance released a new whitepaper entitled: “Best Practices for Mitigating Risks in Virtualized Environments” which provides guidance on the identification and management of security risks specific to compute virtualization technologies that run on server hardware. The whitepaper was developed by CSA’s Virtualization Working Group which is co-chaired…

May 06, 2015

CSA CloudBytes: May Webcast

The Cloud Security Alliance CloudBytes webinar series is dedicated to educate the industry on the latest trends and topics in cloud computing. From regulation and risk in the cloud to the latest topics in IoT and data protection and privacy, we’ve reached thousands with our messages from top industry experts. Please join us at the…

April 28, 2015

OPEN PEER REVIEW: Privacy Level Agreement 4 Europe V2

The Cloud Security Alliance would like to invite you to review and comment on the Privacy Level Agreement 4 Europe V2. The Cloud Security Alliance published in February 2013 the “Privacy Level Agreement Outline for CSPs Providing Services in the European Union” (PLA4EU V.1). The PLA4EU V.1 should be considered as a powerful transparency and…

See more research

Certification

CCSK: Certificate of Cloud Security Knowledge

The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.

Learn more

Training

CSA Training

The Cloud Security Alliance offers training in the following three areas: CCSK training, PCI Cloud training, GRC Stack training.

Learn more

Downloads

Big Data Taxonomy

Big Data Taxonomy

A research document outlining the six dimensions of big data to help decision makers navigate the myriad choices in compute and storage infrastructures as well as data analytics techniques, and security and privacy frameworks.

Release Date: September 18, 2014

Consensus Assessments Initiative Questionnaire v3.0.1

Consensus Assessments Initiative Questionnaire v3.0.1

Realigns the CAIQ questions to CCM v3.0.1 control domains and the Cloud Security Alliance “Security Guidance for Critical Areas of Focus in Cloud Computing V3.0″

Release Date: July 11, 2014

Cloud Controls Matrix v3.0.1

Cloud Controls Matrix v3.0.1

New and updated mappings, consolidation of redundant controls, rewritten controls for clarity of intent, STAR enablement, and SDO alignment.

Release Date: July 11, 2014

Enterprise Architecture v2.0

Enterprise Architecture v2.0

The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.

Release Date: February 25, 2013

Privacy Level Agreement (PLA) Outline for the Sale of Cloud Services in the European Union

Privacy Level Agreement (PLA) Outline for the Sale of Cloud Services in the European Union

The Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent matter, information about the privacy and data protection policies, procedures and practices used when processing personal data that customers upload or store in the CSP’s servers.

Release Date: February 24, 2013

Security Guidance for Critical Areas of Mobile Computing

Security Guidance for Critical Areas of Mobile Computing

Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners, patients or students and each other. But they need to be supported with always current operational processes and information, whether from apps, the Internet, or documents from other people.

Release Date: November 08, 2012

Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment.

Release Date: November 14, 2011

Consensus Assessments Initiative Questionnaire v1.1

Consensus Assessments Initiative Questionnaire v1.1

Questionnaire is organized using CSA 13 governing & operating domains divided into “control areas” within CSA’s Control Matrix structure.

Release Date: September 01, 2011