Cloud 101CircleEventsBlog
Gain exclusive access to CSA’s extensive network of cloud security experts by becoming a corporate member. Learn how today.

All Articles

All Articles
CSA Seeks Volunteers for Consensus Assessments Initiative Questionnaire (CAIQ) v.2

Press Release Published: 09/12/2012

The Cloud Security Alliance (CSA) warmly invites interested individuals to step forward to contribute to an initiative which promotes cloud security for customers and providers. CSA is calling for volunteers for the following project: Consensus Assessments Initiative Questionnaire (CAIQ) v.2: The...

7 Steps to Developing a Cloud Security Plan

Blog Published: 09/10/2012

By David Grimes, Chief Technology Officer, NaviSite In IT, the easiest way to stop a new technology or solution from being implemented is to raise a security red flag. As soon as someone mentions concerns around a new IT solution not being “secure” the project can come to a screeching halt. So as...

CSA Partners with ASTRI to Further APAC Cloud Security Initiatives

Press Release Published: 09/05/2012

Hong Kong – September 5, 2012 – Following August’s announcement of the Cloud Security Alliance (CSA) selecting Singapore as its corporate headquarters, the CSA today signed a Memorandum of Understanding with the Hong Kong Applied Science and Technology Research Institute (ASTRI) to advance cloud ...

CSA Presents Privacy Level Agreement Initiative at European Parliament

Press Release Published: 09/05/2012

A working group to support EU data protection regulators’ recommendation on cloud computing. September 5, 2012 – Data privacy and protection remains a major impediment to the broad adoption of Cloud services. In an effort to help Cloud Service Providers and potential Cloud customers objectiv...

Can You Be Sued for Using the Cloud?

Blog Published: 08/29/2012

We all know that adopting the Cloud comes with some risks – security, reliability and scalability have, to-date, been the most popular complaints. But now, we can add a new one to the mix: litigation. Case in point, companies doing business in Australia, known for its strict privacy laws, have be...

Fujitsu, Ebay and Verizon to Spearhead New CSA Big Data Working Group

Press Release Published: 08/29/2012

Group to Provide Industry with Leadership, Research and Guidance in Identifying Scalable Techniques for Data Centric Security and Privacy Problems San Francisco, CA and Sunnyvale, CA – August, 29, 2012 – The Cloud Security Alliance (CSA) and Fujitsu Laboratories of America today announced launch...

Is crypto in the cloud enough?

Blog Published: 08/27/2012

Box.net, DropBox, iCloud, SkyDrive,Amazon Cloud Drive... the list goes on for convenient cloud storage options. Some have had a security incident; the rest will. All implement some form of protection against accidental exposure with varying degrees of protection. Are these sufficient and, in the ...

CSA Seeks Input on SecaaS Category 10 Implementation Guidance

Press Release Published: 08/27/2012

As we did with the first wave of SecaaS peer reviews, the CSA Security as a Service (SecaaS) Working Group has expanded upon their “Defined Categories of Service” document released last year. Implementation Guidance documents, for each category of service previously defined, are being developed a...

CSA EMEA Congress 2012 Announces Agenda For Industry’s First EMEA-Wide Conference Devoted to Cloud Security

Press Release Published: 08/27/2012

Industry visionaries from Salesforce.com, Google and HP in speaker line-up at premiere event in Amsterdam on September 25-26th Amsterdam, August 27, 2012 – The Cloud Security Alliance (CSA) and MISTI are pleased to announce a stellar speaker lineup for the inaugural Cloud Security Alliance EMEA...

PhD Studentship in Cloud Security

Press Release Published: 08/22/2012

Background As information infrastructures move into a Cloud Computing environment, there are increasing risks involved with a wide range of issues including privacy, accountability, and availability. The Cloud Security Alliance (CSA) and Edinburgh Napier University thus aim to provide new method...

Your Cloud Provider is a Partner… Not a One-Night Stand

Blog Published: 08/21/2012

“We programmatically interface with Cloud Providers to manage our customer data, so we can rely on them for securing our services right?” Wrong!The moment you start interfacing with a Cloud Provider you immediately inherit the risks associated with their deployment, development, and security mode...

CSA Announces Open Security Framework for Cloud Providers

Press Release Published: 08/20/2012

Edinburgh (UK) – August 20, 2012 –The Cloud Security Alliance (CSA) today announces additional details of its Open Certification Framework, and its partnership with BSI (British Standards Institution). This partnership will ensure the Open Certification Framework is in line with international sta...

Avoiding Storms In The Cloud – The Critical Need for Independent Verification

Blog Published: 08/16/2012

By Chris Wysopal, Co-founder and CTO of VeracodeLast year, Forrester predicted that cloud computing would top $240 billion in 2020. Market Research Media came up with a more aggressive forecast of $270 billion in 2020. None of this data is particularly surprising, as cloud technology is clearly...

Big Data, Big Cloud, Big Problem

Blog Published: 08/15/2012

By Todd ThiemannBig data presents a big opportunity for businesses to mine large volumes of data from a variety of sources to make better and more high velocity decisions. Since big data implementations are practically always deployed in a cloud environment, be it a private cloud or public cloud...

CSA, EBD and IDA to Ratify Singapore APAC Headquarters at CloudSec 2012 Conference

Press Release Published: 08/14/2012

Establishment of CSA Corporate Headquarters and Partnership with Leading Singaporean Agencies to Further Cloud Security in Asia Pacific Singapore – August 15, 2012 – Further to the announcement made on July 20 that Singapore was selected as site for corporate headquarters, the Cloud Security All...

Best Practices to Secure the Cloud with Identity Management

Blog Published: 08/13/2012

Authored by: Dan Dagnall, Director of Pre-Sales Engineering at Fischer International Identity   What is the “cloud identity?”   The “cloud identity” begins at the birth of the user’s “digital identity” and includes the attributes to define “who you are.”  “Cloud Identity” is not a new term to t...

Application-Aware Firewalls

Blog Published: 08/09/2012

You may have heard the term "application-aware firewalls" recently and wondered what it meant. When it comes to security, everyone thinks of Firewalls, Proxies, IPS, IDS, Honeypots, VPN devices, email security and even Web security, but most people don’t think in terms of application level securi...

Tempest in Cloud Computing Market: Will EU Article 29 Working Party’s Opinion Force a Rethink of the Safe Harbor Principles?

Press Release Published: 08/08/2012

The following article excerpt on “Tempest in Cloud Computing Market: Will EU Article 29 Working Party’s Opinion Force a Rethink of the Safe Harbor Principles?” was written by the external legal counsel of the CSA, Ms. Francoise Gilbert of the IT Law Group. We repost it here with her permission. P...

Helix Nebula Science Cloud Passes First Major Test

Press Release Published: 08/07/2012

Proof of concept results demonstrate that CERN, EMBL and ESA have succeeded in deploying challenging scientific applications on Helix-Nebula cloud August 7, 2012 –"Helix Nebula – the science cloud,” set up earlier this year to support the massive IT requirements of European scientists has succes...

PhD studentship in Cloud Service Security (Software Engineering Group)

Press Release Published: 08/07/2012

The Software Engineering Group within the School of Informatics of the City University London invites applications for a PhD studentship funded by the Cloud Security Alliance (CSA EMEA), connecting PhD students with industry partners from CSA's corporate members, to enhance research deployability...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.