Download Publication
Who it's for:
- Application developers
- Application Architects
- Cybersecurity professionals
- Cloud security practitioners
- IT professionals
- Auditors
- Compliance managers
SaaS Governance Best Practices for Cloud Customers
Release Date: 10/10/2022
Working Group: SaaS Governance
- Provides a baseline set of SaaS governance best practices for protecting data within SaaS environments;
- Enumerates and considers risks according to the SaaS adoption and usage lifecycles, and
- Provides potential mitigation measures from the SaaS customer’s perspective.
Download this Resource
Acknowledgements
Anthony Smith
Cloud CyberSecurity
Anthony brings over 20+ years IT experience, specializing in IT compliance, auditing, governance. He has provided guidance in areas/industries such as: Manufacturing, Site Management, Merger's and Acquisitions, Emerging Technologies and Cloud Computing. He has extensive knowledge in: NIST, ISO, CAIQ and GDPR.
Anthony currently serves in the role of Cloud CyberSecurity advisor supporting the GCP, Azure and AWS platforms.
Tim Bach
VP Security Engineering
Tim Bach is the Vice President of Engineering at AppOmni. His career as a security practitioner has focused on security engineering initiatives that make best in class security accessible and usable to teams of all sizes and industries.
Before joining AppOmni, Tim held security engineering roles at Apple and Salesforce. At Salesforce, Tim led the security team that designed and developed solutions to secure the AppExchange ecosystem ...
Alistair Cockeram
Security Architect at Financial Services
Alistair has spent over two decades specialising in network & information security management across Internet Service Provider, Defence and the Financial Services sectors.
Alistair is a member of the Cloud Security Alliance Software-Defined Perimeter (SDP) Zero Trust and SaaS Governance working groups.
An acknowledged reviewer of the CSA SDP Specification v2.0 and co-author of the SaaS Governance Best Practice Guide.
Sai Honig
Bryan Solari
Chris Hughes
Co-Founder and CISO at Aquia
Chris currently serves as the Co-Founder and CISO of Aquia. Chris has nearly 20 years of IT/Cybersecurity experience. This ranges from active duty time with the U.S. Air Force, a Civil Servant with the U.S. Navy and General Services Administration (GSA)/FedRAMP as well as time as a consultant in the private sector. In addition, he also is an Adjunct Professor for M.S. Cybersecurity programs at Capitol Technology University and University of...
Saan Vandendriessche
Walter Haydock
Walter Haydock is an expert on vulnerability management, software supply chain resilience, and industrial Internet of Things (IoT) security. Before entering the private sector, he served as a professional staff member for the Homeland Security Committee of the U.S. House of Representatives, as an analyst at the National Counterterrorism Center, and as a reconnaissance and intelligence officer in the Marine Corps.
Andreas Peter
Yao Sing Tao
James Underwood
Senior Security Architect at Blackbaud, Inc
Zeal Somani
Paul Lanois
Andrew Luhrmann
Amit Kandpal
Director of Customer Success, Netskope
Akin Akinbosoye
Luciano (J.R.) Santos
Chief Customer Officer, CSA
J.R. Santos serves as the Chief Customer Officer for the Cloud Security Alliance. In this role, J.R. serves as a CSA Member advocate, partnering with leaders across all business units to transform the member experience and ensure that members are the center of every business decision. J.R. leads the Experience Services organization that includes the CSA Membership and Sales team, who work collaboratively to promote a consistent experience f...
Mickey Law
Jessica Shouse
Abhishek Vyas
Head of Security Consultancy and Architecture
I have been working in Cybersecurity for over 10 years, and have been working on large scale multi-cloud programs in the Software and Finance industries over that period. I deliver business value through robust, scalable, fit for business cybersecurity, by establishing new ways of working to help the business to innovate. Challenging the status quo to help remove inertia, and ensuring that cybersecurity remains relevant and mea...
Michael Roza
Risk, Audit, Control and Compliance Professional
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...
Interested in helping develop research with CSA?
Related Certificates & Training
Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, recommendations from ENISA, and the Cloud Controls Matrix, you will come away understanding how to leverage information from CSA's vendor-neutral research to keep data secure on the cloud.
Learn more