Executive Position Job Order  |  Executive Candidate Registration
Global Executive Search Recruiting Firm

Up In The Cloud: How Secure Is A Cloud Service?
- Executive Leadership Articles

RMA - Global Executive Search Recruiting Firm Solutions - Executive Search Recruiting Solutions Career Center - Executive Search Resources For Employers & Job Seekers Employers & Hiring Professionals - RMA Is Your Source For Top Executive Candidates Job Seekers & Executive Candidates - Your New Career Begins Here! Industry Expertise - Executive Search Recruiting Expertise In 30 Industries Company - Over 20 Years of Executive Search Recruiting Experience News & Articles - Executive Search Recruiting News & Articles Contact RMA - The Trusted Executive Search Recruiting Firm
Your Source For Top Executive Candidates
News & Articles »
News & Articles
Executive Search Firm News
Executive Leadership Articles
Follow RMA On Google+
Follow RMA On Facebook
Follow RMA On Twitter
News & Articles - Executive Search Recruiting News & Articles
Up In The Cloud: How Secure Is A Cloud Service? - Executive Leadership Articles

Up In The Cloud: How Secure Is A Cloud Service?

Executive Leadership Articles

Up In The Cloud: How Secure Is A Cloud Service?

When selecting a cloud service for your company, many factors must be considered, but among the top considerations is the security of the service. Cloud services must protect against catastrophic data loss and the possibility of your data falling into unauthorized hands. However, the problem with evaluating a service’s security is that it’s extremely difficult to rate anyone’s claims. How do you know that what a service claims is what it practices? And if you’re not fluent in the technical jargon a detailed explanation requires, how can you understand what it all means?

These are critical questions that can cause all kinds of confusion in a fast-growing and rapidly-evolving sphere of business, when stories of security breaches make the news almost weekly. The stakes are high for providers and consumers, which is partly why a not-for-profit organization called the Cloud Security Alliance was established in 2008. As a third-party certifying agency whose mission is to “promote the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing,” it recognizes cloud service providers (CSPs) who meet its standards for data security.

The CSA was founded by volunteers in several realms of technology and business, working collaboratively to establish guidelines for security in cloud computing. Since then, its membership has grown to 80,000 members worldwide with sixteen full-time employees, contract staff, and 400 volunteers who continue to research and report on best practices. It also offers training and hosts regional events each year, including an international congress.

Most directly useful to a company selecting a cloud service is its CSA Security, Trust, & Assurance program, abbreviated to CSA STAR. The program allows cloud service providers the opportunity to demonstrate their practices in keeping data secure, and an accessible registry of these providers with the level of assurance CSA STAR verifies.

CSA STAR offers three levels of assurance. At its base is the self-assessment, a report submitted by the provider in response to CSA’s framework for best practices. You may not have time to learn and understand the components of this framework, but if you trust CSA’s team of volunteers, you at least have the organization’s assurance that its listed providers satisfy the criteria for best practices at this most basic level. The registry includes links to each provider’s self-assessment for those wishing to see the details.

The second level of assurance involves “certification” and “attestation,” the result of a “rigorous third-party, independent assessment of the security of a cloud service provider.” This evaluation rates criteria toward an assessment in each of several domains of its “cloud control matrix,” with a progressively stepped “maturity” level, telling the provider and potential customer how far the service’s security is from its highest rating, with “bronze,” “silver,” “gold,” and “none” designations.

CSA’s third level of assurance is still in development, according to the organization’s website, but it will be called CSA STAR Continuous, and it will involve a continuous auditing and assessment of a provider’s relevant security properties.

In the way you might check the Better Business Bureau before you commit to relationships with a service provider, or Charity Navigator before making a donation to a nonprofit, you can see whether a cloud service provider meets the criteria established by CSA. This is obviously not the only lens through which you will evaluate a provider, but it’s a good first step in establishing how conscientious a provider is in keeping its clients’ data secure from bad luck or bad intentions.

Reference Link:
The Cloud Security Alliance’s registry: https://cloudsecurityalliance.org/star/#_registry

 

RMA® Executive Search Recruiting Firm Locations:

 
United States & Canada:   Europe, Asia & Pacific:
 
  • Bangkok, Thailand
  • Beijing, China
  • Berlin, Germany
  • Hong Kong, China
  • Kuala Lumpur, Malaysia
  • London, England
  • Madrid, Spain
  • Melbourne, Australia
  • Moscow, Russia
  • Mumbai, India
  • New Delhi, India
  • Paris, France
  • Prague, Czech Republic
  • Rome, Italy
  • Stockholm, Sweden
  • Sydney, Australia
  • Tokyo, Japan
  • Vienna, Austria
  • Wellington, New Zealand
  • Zurich, Switzerland
 
 

Up In The Cloud: How Secure Is A Cloud Service? - Executive Leadership Articles

RMA Executive Search Recruiting Firm  /  News & Articles  /  Articles  /  Management: Religion In The Office




Start at the Career Center


News & Articles Links: