Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

All Articles
Cloud Security Alliance announces strategic partnership with HISPI

Press Release Published: 09/21/2010

Strategic Partnership: HISPI & CSA LITHONIA, GA — September 21, 2010 – The Holistic Information Security Practitioner Institute (HISPI), the worldwide visionary in Governance, Risk, and Compliance (GRC) thought leadership, today announced today a strategic partnership with the Cloud Se...

Cloud Security Alliance Seeks Community Input for Top Threats Report

Press Release Published: 09/09/2010

Version 2.0 slated for release in late 2010 San Francisco, CA – September 9, 2010 – The Cloud Security Alliance is now soliciting input for Version 2.0 of its "Top Threats to Cloud Computing Report." This pending revision is the first to Version 1.0, which was published and announced earlier t...

Cloud Security Alliance announces availability of Certificate of Cloud Security Knowledge (CCSK)

Press Release Published: 09/01/2010

Cloud Security Alliance’s User Certification Now Available Certificate of Cloud Security Knowledge (CCSK) Aimed at Promoting Secure Cloud Computing for All San Francisco, CA – September 1, 2010 – The Cloud Security Alliance’s Certificate of Cloud Security Knowledge (CCSK) is now open for testi...

Cloud Security Alliance announces the world's first user certification for cloud security

Press Release Published: 07/28/2010

Cloud Security Alliance Sets Industry Standard with New User Certification Certificate of Cloud Security Knowledge (CCSK) Aimed at Promoting Secure Cloud Computing for All Las Vegas, NV – July 28, 2010 - The Cloud Security Alliance today unveiled the industry’s first user certification program ...

Multi-tenancy and bad landlords

Blog Published: 06/13/2010

So there's been a lot of discussion about multi-tenancy recently and what it means for cloud providers and users. To put it simply: multi-tenancy is highly desirable to providers because they can provide a service or a platform (such as WordPress) and cram a kajillion users into it without having...

Backups and security for cloud applications

Blog Published: 06/10/2010

Backups, the thing we all love to hate, and hate to love. Recreating data is rarely cheap, especially if it involves detailed analysis and combination. So we back it up.Take for example this blog, it's based on WordPress; which is about as standard and supported as you can get for a blog. Backing...

Put your chauffeur on the upgrade treadmill

Blog Published: 06/03/2010

I don't know if anyone here remembers the "Billion Dollar Brain" by Len Deighton. One scene that stuck with me is General Midwinter making his minion (a chauffeur or bodyguard, I can't remember which) do his time on the exercise bike for him and asking "how many miles did we bike today?"Wouldn't ...

News roundup for May 28 2010

Blog Published: 05/28/2010

Financial Services Like The Cloud, Provided It's Private - http://www.informationweek.com/cloud-computing/blog/archives/2010/05/financial_servi.htmlNovell Identity Manager extended to cloud - http://www.computerworlduk.com/technology/applications/software-service/news/index.cfm?newsid=20357Amazon...

Software evaluation 2.0 ?

Blog Published: 05/27/2010

I spend a lot of time evaluating software; for product reviews, to see which versions are vulnerable to various exploits and sometimes just to see if I should be using it. Most often this looks something like: find the software, download it, find the install and configuration documents, walk thro...

Counterfeit gear in the cloud

Blog Published: 05/26/2010

One of the best and worst things about outsourced cloud computing (as opposed to in house efforts) is the ability to spend more time on what is important to you, and leave things like networking infrastructure, hardware support and maintenance and so on to the provider. The thing I remember most ...

Cloud Security Alliance announces appointment of general counsel Francoise Gilbert

Press Release Published: 05/24/2010

Noted Attorney and Author Francoise Gilbert to Manage Cloud Security Alliance's Legal Affairs Palo Alto, California – May 24, 2010 – The Cloud Security Alliance today has announced that Francoise Gilbert, founder and managing director of the IT Law Group, has accepted the appointment as General ...

Amazon AWS - 11 9's of reliability?

Blog Published: 05/24/2010

Amazon recently added a new redundancy service to their S3 data storage service. Amazon now claims that data stored in the "durable storage" class is 99.999999999% "durable" (not to be confused with availability - more on this later). "If you store 10,000 objects with us, on average we may lose o...

3 Problems Cloud Security Certification Can Solve

Blog Published: 05/17/2010

By Jim ReavisWhat if there were widely accepted standards for cloud security and, better yet, a universally recognized designation for “trusted” cloud providers?The basic promise of cloud computing is undeniably appealing: Increase efficiency and reduce cost by taking advantage of flexibly pooled...

Season’s Greetings from the CSA!

Blog Published: 05/17/2010

By Zenobia Godschalk2009 has been a busy year for the CSA, and 2010 promises to be even more fruitful. The alliance is now 23 corporate members strong, and is affiliated with numerous leading industry groups (such as ISACA, OWASP and the Jericho Forum) to help advance the goal of cloud security. ...

Your Chance to Influence Cloud Security Research!

Blog Published: 05/17/2010

By Zenobia Godschalk The Cloud Security Alliance needs your help! We are conducting a survey to help us better understand users current cloud deployment plans and biggest areas of security and compliance concern. The feedback generated here will assist the CSA in shaping our educational curriculu...

Cloud Security and Privacy book by CSA founding members

Blog Published: 05/17/2010

By Jim Reavis I wanted to let everyone know about the new book release, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. This book was written by three experts, two of whom are CSA founding members. I had the opportunity to read the book prior to its publication and ...

Seemingly basic power problems in state-of-the-art data centers

Blog Published: 05/17/2010

By Wing Ko I came across this "Stress tests rain on Amazon's cloud" article from the itnews for Australian Business about a week ago. A team of researchers in Australia spent 7 months stress tested Amazon's EC2, Google's AppEngine and Microsoft's Azure cloud computing services, and found that the...

CSA Federal Cloud Security Symposium Hosted by MITRE (McLean, VA)

Blog Published: 05/17/2010

By Dov Yoran On August 5th, 2009, Cloud Security Alliance Federal Cloud Security Symposium was hosted by MITRE Corporation. This full day venue provided government personnel with access to leading commercial cloud security experts. Throughout the day perspectives on cloud computing, its benefits ...

Will Silicon Valley Run Out of Data Center Space?

Blog Published: 05/17/2010

By Wing Ko This slashdot posting caught my eyes last night - http://hardware.slashdot.org/story/09/08/12/2227215/Will-Silicon-Valley-Run-Out-of-Data-Center-Space. Judging from the thread, apparently it caught the eyes of quite a few people too.With all the exciting news and press releases during ...

Welcome to the CSA Blog

Blog Published: 05/17/2010

By Jim Reavis Welcome to the Cloud Security Alliance blog. We have initiated this service to allow for more rapid communications between our expert volunteers and the larger community interested in cloud security. We plan to use this venue to comment on the important issues of the day related to ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.