All Articles

All Articles
Cloud Security Alliance announces the world's first user certification for cloud security

Press Release Published: 07/28/2010

Cloud Security Alliance Sets Industry Standard with New User Certification Certificate of Cloud Security Knowledge (CCSK) Aimed at Promoting Secure Cloud Computing for All Las Vegas, NV – July 28, 2010 - The Cloud Security Alliance today unveiled the industry’s first user certification program ...

Multi-tenancy and bad landlords

Blog Published: 06/13/2010

So there's been a lot of discussion about multi-tenancy recently and what it means for cloud providers and users. To put it simply: multi-tenancy is highly desirable to providers because they can provide a service or a platform (such as WordPress) and cram a kajillion users into it without having...

Backups and security for cloud applications

Blog Published: 06/10/2010

Backups, the thing we all love to hate, and hate to love. Recreating data is rarely cheap, especially if it involves detailed analysis and combination. So we back it up.Take for example this blog, it's based on WordPress; which is about as standard and supported as you can get for a blog. Backing...

Put your chauffeur on the upgrade treadmill

Blog Published: 06/03/2010

I don't know if anyone here remembers the "Billion Dollar Brain" by Len Deighton. One scene that stuck with me is General Midwinter making his minion (a chauffeur or bodyguard, I can't remember which) do his time on the exercise bike for him and asking "how many miles did we bike today?"Wouldn't ...

News roundup for May 28 2010

Blog Published: 05/28/2010

Financial Services Like The Cloud, Provided It's Private - http://www.informationweek.com/cloud-computing/blog/archives/2010/05/financial_servi.htmlNovell Identity Manager extended to cloud - http://www.computerworlduk.com/technology/applications/software-service/news/index.cfm?newsid=20357Amazon...

Software evaluation 2.0 ?

Blog Published: 05/27/2010

I spend a lot of time evaluating software; for product reviews, to see which versions are vulnerable to various exploits and sometimes just to see if I should be using it. Most often this looks something like: find the software, download it, find the install and configuration documents, walk thro...

Counterfeit gear in the cloud

Blog Published: 05/26/2010

One of the best and worst things about outsourced cloud computing (as opposed to in house efforts) is the ability to spend more time on what is important to you, and leave things like networking infrastructure, hardware support and maintenance and so on to the provider. The thing I remember most ...

Cloud Security Alliance announces appointment of general counsel Francoise Gilbert

Press Release Published: 05/24/2010

Noted Attorney and Author Francoise Gilbert to Manage Cloud Security Alliance's Legal Affairs Palo Alto, California – May 24, 2010 – The Cloud Security Alliance today has announced that Francoise Gilbert, founder and managing director of the IT Law Group, has accepted the appointment as General ...

Amazon AWS - 11 9's of reliability?

Blog Published: 05/24/2010

Amazon recently added a new redundancy service to their S3 data storage service. Amazon now claims that data stored in the "durable storage" class is 99.999999999% "durable" (not to be confused with availability - more on this later). "If you store 10,000 objects with us, on average we may lose ...

3 Problems Cloud Security Certification Can Solve

Blog Published: 05/17/2010

By Jim ReavisWhat if there were widely accepted standards for cloud security and, better yet, a universally recognized designation for “trusted” cloud providers?The basic promise of cloud computing is undeniably appealing: Increase efficiency and reduce cost by taking advantage of flexibly pooled...

Season’s Greetings from the CSA!

Blog Published: 05/17/2010

By Zenobia Godschalk2009 has been a busy year for the CSA, and 2010 promises to be even more fruitful. The alliance is now 23 corporate members strong, and is affiliated with numerous leading industry groups (such as ISACA, OWASP and the Jericho Forum) to help advance the goal of cloud security. ...

Your Chance to Influence Cloud Security Research!

Blog Published: 05/17/2010

By Zenobia GodschalkThe Cloud Security Alliance needs your help! We are conducting a survey to help us better understand users current cloud deployment plans and biggest areas of security and compliance concern. The feedback generated here will assist the CSA in shaping our educational curriculum...

Cloud Security and Privacy book by CSA founding members

Blog Published: 05/17/2010

By Jim ReavisI wanted to let everyone know about the new book release, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. This book was written by three experts, two of whom are CSA founding members. I had the opportunity to read the book prior to its publication and I...

Seemingly basic power problems in state-of-the-art data centers

Blog Published: 05/17/2010

By Wing KoI came across this "Stress tests rain on Amazon's cloud" article from the itnews for Australian Business about a week ago. A team of researchers in Australia spent 7 months stress tested Amazon's EC2, Google's AppEngine and Microsoft's Azure cloud computing services, and found that thes...

CSA Federal Cloud Security Symposium Hosted by MITRE (McLean, VA)

Blog Published: 05/17/2010

By Dov YoranOn August 5th, 2009, Cloud Security Alliance Federal Cloud Security Symposium was hosted by MITRE Corporation. This full day venue provided government personnel with access to leading commercial cloud security experts. Throughout the day perspectives on cloud computing, its benefits a...

Will Silicon Valley Run Out of Data Center Space?

Blog Published: 05/17/2010

By Wing KoThis slashdot posting caught my eyes last night - http://hardware.slashdot.org/story/09/08/12/2227215/Will-Silicon-Valley-Run-Out-of-Data-Center-Space. Judging from the thread, apparently it caught the eyes of quite a few people too.With all the exciting news and press releases during t...

Is your Cloud Provider making money?

Blog Published: 05/17/2010

By Jim ReavisAt a recent Cloud Security Alliance event, George Reese moderated a panel about Public/Private cloud interoperability and application portability. It was a great discussion, and I hope to be able to publish the proceedings soon.One of the common points that comes up when discussing t...

Welcome to the CSA Blog

Blog Published: 05/17/2010

By Jim ReavisWelcome to the Cloud Security Alliance blog. We have initiated this service to allow for more rapid communications between our expert volunteers and the larger community interested in cloud security. We plan to use this venue to comment on the important issues of the day related to o...

Cloud Controls Matrix is Released

Press Release Published: 04/27/2010

Controls framework aligned with CSA guidance, assists both cloud providers and customers in assessing security risks London, UK – April 27, 2010 (Infosecurity Europe Conference) – The Cloud Security Alliance today has announced the availability of version 1.0 of the CSA Cloud Controls Matrix...

Trusted Cloud Research Advisory and New Whitepaper

Press Release Published: 04/27/2010

TCI Working Groups Announced, Domain 12 Identity Management Research Released London, UK – April 27, 2010 (Infosecurity Europe Conference) – The Cloud Security Alliance today has announced the completion of important milestones in its Trusted Cloud Initiative, previously announced by CSA and...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.