Working Group

Security Guidance

Introduction

Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable roadmap to managers wanting to adopt the cloud paradigm safely and securely. Domains are reviewed to emphasize security, stability, and privacy in a multi-tenant environment. The CSA’s Security Guidance for Critical Areas of Focus in Cloud Computing builds on previous iterations through dedicated research, public participation from CSA members, working groups, and industry experts. This version incorporates advances in cloud, security, and supporting technologies, reflects on real-world cloud security practices, integrates the latest CSA research projects, and offers guidance for related technologies. The goal of the fourth version of Security Guidance for Critical Areas of Focus in Cloud Computing is to provide guidance and inspiration to support business goals while managing and mitigating the risks associated with cloud computing adoption.

Artifacts

Security Guidance v4.0 Info Sheet
Security Guidance v4.0 Info Sheet

This version, the first major update since 2011, is the culmination of over a year of dedicated research and public participation from the CS...

Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 (Spanish Translation)
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 (Spanish Translation)

Con este documento, nuestro objetivo es proporcionar tanto orientación como inspiración para respaldar los objetivos comerciales, mientras ...

Security Guidance v4.0 - Chinese Translation
Security Guidance v4.0 - Chinese Translation

欢迎来到云安全联盟关于云计算关键领域安全指南的第四个版本。云计算的兴起是一项不 断发展的技术,它带来了许多机遇和挑战。通过这个文档,我们的目标是提供指导和灵感来支 持业务目标,同时管理和减轻采用云计算技术相关的风险。

Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 - Japanese Translation
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 - Japanese Translation
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

The rise of cloud computing as an ever-evolving technology brings with it a number of opportunities and challenges. With this document, we ai...

FedRAMP Cloud Controls Matrix v3.0.1 Candidate Mapping
FedRAMP Cloud Controls Matrix v3.0.1 Candidate Mapping
New Security Guidance for Early Adopters of the IoT
New Security Guidance for Early Adopters of the IoT
Security Guidance for Critical Areas of Focus in Cloud Computing V3.0
Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a pra...

Cloud Computing for Business
Cloud Computing for Business

This book is for all these people, and indeed for all executives whose companies are using, or thinking of using, cloud computing.

NIST Guidelines on Security and Privacy in Public Cloud Computing
NIST Guidelines on Security and Privacy in Public Cloud Computing
Security Guidance for Critical Areas of Focus in Cloud Computing V2.0
Security Guidance for Critical Areas of Focus in Cloud Computing V2.0
Security Guidance for Critical Areas of Focus in Cloud Computing V1.0
Security Guidance for Critical Areas of Focus in Cloud Computing V1.0

Open Peer Reviews

Artifact reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Next Meeting

No Meetings Currently Scheduled

See all Meetings

Leadership

Rich Mogull Headshot

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremo...

 
Rich Mogull