The Cloud Security Alliance (CSA) released its second edition of the Security Application Guide for cloud computing Services in Thursday. The nonprofit alliance was formally established in April to promote best practices in cloud computing security. They released their first edition of the Guide at the 2009 RSA Conference, the most authoritative annual summit in the global Information security arena. Jim Reavis, co-founder and executive director of the Cloud Security Alliance, said the new version of the key area of cloud computing's focus Guide-version 2.1, provides more specific information in some areas and offers more practical advice. The process, he says, will eventually evolve the industry's need to audit and certify cloud service providers. "I am not saying that we will have to stand up for all the things in this industry, however, we have started to do something to move on that side." The key to curbing the use of cloud computing by large companies to do important things is that they do not have a comprehensive compliance regime. The whole environment has not been developed. The CSA Guide, developed by dozens of contributors, outlines key issues and provides recommendations covering 13 areas, including incident response, encryption and key management, identity and access management, and regulatory and electronic searches. It is designed to help organizations figure out what problems should be presented to cloud service providers, the current recommendations and the easy mistakes that should be avoided. Several agencies have started using first-edition guidelines to develop their long-term cloud strategy, Reavis said. He added that the new version "will give them more communication guidance with cloud service vendors". CSA has expanded its membership since its inception and now has 23 members, including heavyweight companies: Microsoft, Cisco Bae Inc. and has Co. Reavis said the alliance has successfully promoted the topic of cloud security and pushed the information security industry into the "forward-looking field of new things", although those areas are not the usual practice required in the industry. CSA has successfully built a global footprint for its next year's promotion program, Reavis said: "What we see is a large number of private clouds; so many governments and industries in the world are developing their cloud in their own direction." We can stand on the opposite side and try to get everyone to use the same cloud. He added that CSA plans to open next year a study of cloud security threats and a tool that maps the guidelines to control frameworks and standards (such as PCI Data security standards and ISO 27001) and is planning for some educational activities. "Responsible editor: May TEL: (010) 68476606" Original: Cloud security alliance Release Update security Application Guide return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
