Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

CSA Official Press Release

Published 05/15/2013

Cloud Security Alliance Successfully Completes Open Certification Framework (OCF) Pilot Implementations with Alibaba and New Taipei City Government

Cloud Security Alliance Successfully Completes Open Certification Framework (OCF) Pilot Implementations with Alibaba and New Taipei City Government

Representatives to Discuss Cloud Computing Pilot Results and Key Learnings at CSA Congress APAC

CSA CONGRESS ASIA PACIFIC – Singapore - May 15, 2013 – The Cloud Security Alliance (CSA) today announced the successful completion of the Open Certification Framework’s (OCF) STAR Certification pilot assessments with Alibaba and the New Taipei City Government (NTPC) Government Cloud (G-Cloud). The Open Certification Framework has been developed by the CSA to offer cloud providers a trusted global certification scheme. The STAR Certification is one of the components of the OCF initiative; it supports an independent third-party assessments based on the Cloud Control Matrix and ISO 27001. The STAR Certification has been developed in collaboration with BSI – the global business standards company. “We are encouraged by the results of the pilots and would like to thank representatives from New Taipei City Government and Alibaba for their time, collaboration and efforts in working toward accelerating cloud computing through this pilot period,” said Aloysius Cheang, CSA APAC Managing Director. “Organizations and end users locally and globally will greatly benefit from these efforts as we move toward secure cloud computing throughout the region.” The pilot at New Taipei City is part of an important program adopted earlier this year to drive cloud computing adoption in NTPC and Taiwan. They are part of a framework agreement made official in a signing ceremony held at the City Hall of New Taipei City on March 11. Whereas Alibaba is a key CSA corporate member in China, having joined the Alliance only late last year. “We have reached a key milestone in the adoption of OCF STAR Certification,” said David Brown, Director of Corporate Development at BSI. “By completing this significant pilot, BSI and CSA have moved a step closer to launching OCF STAR certification, which aims to improve transparency and confidence in the cloud industry.” In an effort to help others in the Asia-Pacific region understand their experience and key learnings from the pilots, Shen Xiyong, Information Security Expert, Alibaba, China and Dr Wu Chao-Ming, Chairperson, Research, Development and Evaluation Commission, New Taipei City Government, Taiwan will take part in an upcoming session at the CSA Congress APAC titled, “Third Party Certification – Do We Need It?; Differences Between Local and Global Certification Schemes.” The session, chaired by Daniele Catteddu, CSA EMEA Managing Director and Project Director leading the CSA OCF initiative, will be held on Thursday, May 16 at 10:10 a.m. local time. Additionally, in recognition of each organization’s support and efforts throughout the pilot, representatives from Alibaba and NTPC will be presented with certificates of appreciation from the CSA during a special ceremony being held at the CSA Congress APAC. “The OCF pilot has positively positioned Alibaba’s cloud play, Aliyun, as an international player that accelerates customers in cloud adoption,” said Shen. “Via a third party audit using a proven cloud security framework, for example CSA's Cloud Control Matrix, the CSA STAR level 2 certification scheme is the way to allay fear and build trust in the cloud. With the introduction of OCF, governmental and financial clients now can accelerate their plans to embrace the cloud with Aliyun as their partner of choice.” Under the framework agreement, NTPC and CSA have engaged in a three-year strategic collaboration in an aligned partnership to further the security of cloud computing and build capabilities in the areas of both cloud computing and security in New Taipei City, and using New Taipei City as a hub, drive security and cloud computing development in Taiwan. In addition, NTPC will work through CSA APAC together with the local chapter to accelerate cloud adoption in the country therefore developing Taiwan into a cloud hub. “We appreciate the tremendous support that has been provided by Alibaba and New Taipei City with the OCF-STAR Certification G-Cloud pilot. We have learned much over the last few months and look forward to applying these learnings as we make final progress on our STAR Certification,” said Daniele Catteddu. “In particular, we are looking forward to increased collaboration with NTPC to further demonstrate how the CSA STAR certification scheme and OCF works to create trust and confidence in government cloud services.” “CSA continues to be an integral part of our strategy to engage the industry proactively and build an eco-system conducive for the accelerated adoption of cloud computing. The OCF is a revolutionary tool built ahead of its time where governance, risk and compliance issues are tackled foremost and hence building trust and confidence in the cloud”, said Dr Wu. The inaugural CSA APAC Congress will take place May 15-16 at the Marriott Hotel in Singapore.** The CSA Congresses continue to be the industry’s premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering best practices and practical solutions for remaining secure in the cloud, CSA Congress will focus on emerging areas of growth and concern in cloud security, including standardization, transparency of controls, mobile computing, Big Data in the cloud and innovation. **About the Cloud Security Alliance The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa. About BSI BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark, BSI’s influence spans multiple sectors including aerospace, construction, energy, engineering, finance, healthcare, IT and retail. With over 70,000 clients in 150 countries, BSI is an organization whose standards inspire excellence across the globe. To learn more, please visit www.bsigroup.com Contacts Kari Walker ZAG Communications for the CSA [email protected] 703.928.9996

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.