Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Some Things To Consider When Extending Your IdM Into The Cloud
Published: 07/19/2012

About AuthorMark O’Neill is CTO of Vordel, a company which enables companies to connect to mobile and cloudLike many organizations, you no doubt face the challenge of extending your IT operations into the cloud to take advantage of the many cloud-based services demanded by your users today. As yo...

Cloud Security Best Practices: Sharing Lessons Learned
Published: 07/10/2012

By Frank Simorjay, Sr. Product Marketing Manager, Microsoft Trustworthy ComputingCompliance regulations and frameworks can be difficult to comprehend and even harder to explain to management when it’s time to invest in mastering IT governance. TheCloud Security Alliance (CSA) has taken steps to h...

Think beyond securing the edge of the enterprise. It's time to secure the "edge of the Cloud"
Published: 07/09/2012

By Ed King, VP Product Marketing, VordelEveryone is familiar with the notion of securing the edge of the enterprise. With the growing adoption of cloud technologies, IT must now also think about securing the "edge of the Cloud". The edge of the Cloud is the perimeter around any Cloud environmen...

CNIL (French Data Protection Authority) recommendations on the use of cloud computing services
Published: 06/28/2012

On June 25, CNIL – the French Data Protection Authority – published its recommendation on the use of cloud computing services. This recommendation is the result of a research project on cloud issues, which started in the Fall of 2011 with a consultation with industry. The documents released by CN...

Free Your Data & the Apps Will Follow – But what About Security?
Published: 06/22/2012

About AuthorMark O’Neill is CTO of Vordel, a company which enables companies to connect to mobile and cloud Application Programming Interfaces (API) represent such an important technology trend, that new business models are evolving on top of them, and this has led to the term “The API economy”. ...

Outline of BCR for Processors Published by Article 29 Working Party (EU)
Published: 06/20/2012 of BCR for Processors Published by Article 29 Working Party On June 19, 2012, the Article 29 Working Party adopted a Working Paper (WP 195) on Binding Corporate Rules (BCR) for p...

Are Network Perimeters the Berlin Walls of Cloud IdM?
Published: 05/14/2012

A single enterprise wide identity and access management (IAM) platform is a noble but unattainable goal. The network perimeter is now a metaphorical “Berlin Wall” between the two identity platform domains of Cloud and On-Premise. It is time for enterprises to formalize a strategy of integrating t...

Cloud Market Maturity
Published: 05/02/2012

by Henry St. Andre, CCSK | Trust Office Director | inContactThe Cloud Security Alliance, in conjunction with ISACA will be initiating a new working group to perform research on what it means to have Market Maturity in the Cloud. This is a very interesting subject for me. I have been working in ...

Outsourcing B2B Integration: The Forgotten Option
Published: 05/01/2012

Business continuity remains a major concern for enterprises as they move more mission-critical processes to the cloud. Outsourcing B2B integration while ensuring cloud security in order to effectively integrate business processes is challenging at best and ambiguous for certain. All too often, ...

Configuration Compliance in the Cloud
Published: 04/25/2012

By David Meltzer As a member solution provider in the Cloud Security Alliance, paying careful attention to risk and planning for improvement is second nature for my own companies’ security services. As a consumer of many start-up cloud services built completely outside the security industry, how...

Cloud Security Requires All Hands on Deck
Published: 04/12/2012

Andrew Wild, CSO at Qualys, discusses how security postures and attitudes need to change as more and more IT functionality moves to the cloud It’s clear there are many compelling reasons, both financial and productivity-related, for enterprises to move IT functionality into the cloud, so it’s not...

Kudos to Microsoft! 3 Offerings Now on the STAR Registry
Published: 04/11/2012

We at the CSA want to offer a hearty congratulations to the team at Microsoft, for their leadership in completing and publishing STAR assessments for their products. As of today, Office 365, Windows Azure and Dynamics all have STAR assessments completed and published.We applaud Microsoft for lead...

Cloud Fundamentals Video Series: Bring Your Own Device and the Cloud
Published: 03/28/2012

Another great video out on the Trustworthy Computing site...This latest video features Tim Rains, director, Trustworthy Computing, speaking with Jim Reavis of the CSA about the consumerization of IT and the issues that can be encountered when employees place an organization’s data on their person...

Secure Cloud – Myth or Reality?
Published: 03/19/2012

Cloud Security is not a myth. It can be achieved. The biggest hindrance on debunking this myth is for enterprise businesses to begin thinking about the Cloud differently. It is not the equipment of co-location dedicated servers, or on-premises technology, as it is changeable, flexible and tran...

Seeing Through the Clouds: Gaining confidence when physical access to your data is removed
Published: 03/12/2012

Cloud computing brings with it new opportunities, new frontiers, new challenges, and new chances for loss of intellectual property. From hosting simple web sites, to entire development environments, companies have been experimenting with cloud-based services for some time. Whether a company dec...

Lock Box: Where Should You Store Cloud Encryption Keys
Published: 03/12/2012

Whether driven by regulatory compliance or corporate mandates, sensitive data in the cloud needs protection along with access control. This usually involves encrypting data in transit as well as data at rest in some way, shape or form, and then managing the encryption keys to access the data. The...

Deprovisioning in the Cloud
Published: 02/23/2012

Let's be honest: how many of you have tried logging in to one of your former employer’s accounts? Maybe you had a CRM solution and you wanted to get the name of that guy who suggested he had the next hot idea. You didn't set your out-of-office message with your new/personal contact information ...

Opportunity Knocks Once…
Published: 02/10/2012

In 1983, I was a young electrical engineering student, when I took a job working for a small long distance company in Phoenix Arizona. For me, Opportunity had Knocked and I had just opened the door on an amazing future. In the world of communications, things were already changing and were about...

Cloud Fundamentals Video Series: The Benefits of Industry Collaboration to Cloud Computing Security
Published: 01/19/2012

SUBJECT: Cloud Fundamentals - Video from CSA Congress with Jim Reavis, Executive Director of the CSA, and Tim Rains, Microsoft's Director of Trustworthy Computing At the CSA Congress in November, Tim Rains, Director of Trustworthy Computing for Microsoft, sat down with Jim Reavis, our ...

“On your mark … Get set … CLOUD!” (Part 2)
Published: 01/06/2012

A Commentary and Essay by Ron KnodeMy last post introduced the notion that preparation for enterprise cloud processing is comparable to the commands, “On your mark” and “Get set,” that precede the beginning of a race. Until the “GO,” there’s no progress toward the finish line – the payoff. I outl...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.