The Cloud Security Alliance (CSA) announced the selection of a first round of “trusted providers” for cloud security. CSA, a dedicated organization for defining best practices for cloud security, assumes that these trustmarks (will be displayed on each organization’s Security, Trust, Assurance and Risk (STAR) registery) will assist customers in identifying cloud providers that demonstrate their commitment.
There are some criteria that companies must follow to become a CSA Trusted Cloud Provides;
- have a current entry in the CSA Security, Trust, Assurance & Risk (STAR) registry
- have at least one current member of staff who has achieved the CSA Certificate of Cloud Security Knowledge (CCSK)
- be a corporate member and volunteer at least 20 hours annually to CSA for activities such as research working groups, chapter events, blog post, and other work for the common good
CSA’s co-founder and CEO, Jim Reavis said; “This new CSA Trusted Cloud Provider program builds upon CSA cloud provider certification to also quantify the credentialing of provider personnel and their contributions to industry projjects. This is intended to offer transparent B2B marketplace intelligence so business can better evaluate the security commitment and accomplishments of cloud providers.”
It was noteworthy that there are not many important security vendors which are already working for cloud security in the list. We will see how these trustmark will change the game in infosec world.