Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Cloud Security Best Practices: Sharing Lessons Learned

Blog Published: 07/10/2012

By Frank Simorjay, Sr. Product Marketing Manager, Microsoft Trustworthy ComputingCompliance regulations and frameworks can be difficult to comprehend and even harder to explain to management when it’s time to invest in mastering IT governance. TheCloud Security Alliance (CSA) has taken steps t...

Some Things To Consider When Extending Your IdM Into The Cloud

Blog Published: 07/19/2012

About AuthorMark O’Neill is CTO of Vordel, a company which enables companies to connect to mobile and cloudLike many organizations, you no doubt face the challenge of extending your IT operations into the cloud to take advantage of the many cloud-based services demanded by your users today. As...

Security Considerations When Evaluating Google Apps Marketplace Applications

Blog Published: 07/19/2012

By: Tsahy Shapsa, VP of Sales & Marketing and Co-Founder, CloudLockCustomers care about the security of their data in the cloud, and security of customer data is obviously important to Google, which is why Google has invested in completing numerous security audits and certifications such a...

Consumerization 101 – Employee Privacy vs. Corporate Liability

Blog Published: 07/31/2012

Mary D. joined MD&M Inc. in 2009. Being an Apple enthusiast, she was quite excited to learn that the company offered an innovative BYOD program that allows employees to use their own iPhone for work. As part of the new hire package, Mary signed the acceptable use policy and was granted acc...

Application-Aware Firewalls

Blog Published: 08/09/2012

You may have heard the term "application-aware firewalls" recently and wondered what it meant. When it comes to security, everyone thinks of Firewalls, Proxies, IPS, IDS, Honeypots, VPN devices, email security and even Web security, but most people don’t think in terms of application level sec...

Best Practices to Secure the Cloud with Identity Management

Blog Published: 08/13/2012

Authored by: Dan Dagnall, Director of Pre-Sales Engineering at Fischer International Identity   What is the “cloud identity?”   The “cloud identity” begins at the birth of the user’s “digital identity” and includes the attributes to define “who you are.”  “Cloud Identity”...

Big Data, Big Cloud, Big Problem

Blog Published: 08/15/2012

By Todd ThiemannBig data presents a big opportunity for businesses to mine large volumes of data from a variety of sources to make better and more high velocity decisions. Since big data implementations are practically always deployed in a cloud environment, be it a private cloud or public cl...

Avoiding Storms In The Cloud – The Critical Need for Independent Verification

Blog Published: 08/16/2012

By Chris Wysopal, Co-founder and CTO of VeracodeLast year, Forrester predicted that cloud computing would top $240 billion in 2020. Market Research Media came up with a more aggressive forecast of $270 billion in 2020. None of this data is particularly surprising, as cloud technology is clea...

Your Cloud Provider is a Partner… Not a One-Night Stand

Blog Published: 08/21/2012

“We programmatically interface with Cloud Providers to manage our customer data, so we can rely on them for securing our services right?” Wrong!The moment you start interfacing with a Cloud Provider you immediately inherit the risks associated with their deployment, development, and security m...

Is crypto in the cloud enough?

Blog Published: 08/27/2012

Box.net, DropBox, iCloud, SkyDrive,Amazon Cloud Drive... the list goes on for convenient cloud storage options. Some have had a security incident; the rest will. All implement some form of protection against accidental exposure with varying degrees of protection. Are these sufficient and, in t...

Can You Be Sued for Using the Cloud?

Blog Published: 08/29/2012

We all know that adopting the Cloud comes with some risks – security, reliability and scalability have, to-date, been the most popular complaints. But now, we can add a new one to the mix: litigation. Case in point, companies doing business in Australia, known for its strict privacy laws, have...

7 Steps to Developing a Cloud Security Plan

Blog Published: 09/10/2012

By David Grimes, Chief Technology Officer, NaviSite In IT, the easiest way to stop a new technology or solution from being implemented is to raise a security red flag. As soon as someone mentions concerns around a new IT solution not being “secure” the project can come to a screeching halt. So...

Managing consumer technology in the enterprise - Why IT needs to change mindset to better support the business.

Blog Published: 09/19/2012

Talking regularly about the consumerization of IT can often make one sound like a broken record, but the economic, security and management challenges it throws up for enterprises are too important to ignore.The problems boil down to a lack of control, which can be described in two key ways. IT...

The Impact of Computing Power on Cryptography

Blog Published: 09/21/2012

Advanced technology is a beautiful thing. Not only has it enabled the creation of new, more efficient methods of application delivery and data storage (the Cloud is a prime example), but it’s also helped propel the development of more sophisticated solutions for data protection as well (think ...

Riding the Consumerization Wave

Blog Published: 10/07/2012

Rather than resist it, organizations should embrace Consumerization to unlock its business potential. This requires a strategic approach, flexible policies and appropriate security and management tools.The Consumerization of IT is the single most influential technology trend of this decade. Co...

Assessing Your IT Environment and Evaluating Cloud

Blog Published: 10/09/2012

by John Howie, COO, CSAIn many conversations with IT leaders today we discovered a common problem: they need a simple way to understand systems, processes, current policies and procedures and be able to evaluate how the cloud may help them realize lower IT security costs, improve best pract...

Removing Cloud Barriers in Europe

Blog Published: 10/10/2012

No one is immune to the ever-changing technology forecast, but one constant (at least for the near future) appears to be global cloud cover. Cloud computing is arguably the most dominant theme on every enterprise’s IT list, but in Europe, it’s being met with some key challenges. The European...

Red Hat Joins the Cloud Security Alliance

Blog Published: 10/17/2012

By: Cloud Computing TeamThat user concerns about security and related matters are part and parcel of how and when cloud computing—whether on-premise, in public clouds or a hybrid—gets adopted isn't news. Even if the risks are sometimes more about perception than reality, the fact remains that ...

Context + Analytics = Good Security

Blog Published: 10/17/2012

Data [dey-tuh] noun: individual facts or statisticsInformation [in-fer-mey-shuhn] noun: knowledge concerning a particular fact or circumstanceWhen does data become consumable information? When we correctly manage security, we integrate security devices into our infrastructure in a manner desig...

The High Costs of Securing Identities: How to Fix the Problem Using the Cloud

Blog Published: 10/26/2012

Authored by: Dan Dagnall, Chief Technology Strategist at Fischer International Identity Identity Management is well down the path of a mature market space. But I believe there is still one final, fundamental disconnect which is driving up your cost of deploying and maintaining an identi...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
26
27
28
30
32
33
34
Last »