STAR cloud security certification launched by BSI and CSA NEWS JANE MCCALLION SEP 25, 2013 Share on print Share on email Share on linkedin Share on twitter More Sharing Services Cloud with green tick ISO 27001-based certification will help rebuild consumer confidence, organisations claim The Cloud Security Alliance (CSA) and British Standards Institute (BSI) have launched the STAR certification programme – a third party, technology-neutral assessment of cloud service providers’ security provisions. The programme, named STAR, combines the requirements of the ISO/IEC 27001:2005 management system standard with the CSA Cloud Control Matrix – a specified set of criteria that, the organisations claim, measure the capability levels of the cloud service. Providing a rigorous, user-centric assessment ... will provide an additional layer of transparency The intention to develop STAR was announced in August 2013, following a survey showing a high level of distrust with US cloud providers which had even led to some companies cancelling contracts with American providers. Daniele Catteddu, managing director for EMEA at CSA, said: “Especially in light of recent government revelations, both consumers and providers of cloud-based services have been asking for independent, technology-neutral certification to help them make more informed decisions about the services they purchase and use. “In providing a rigorous, user-centric assessment, STAR Certification will provide an additional layer of transparency that the industry has been calling for,” she added. Those undertaking the STAR certification programme will be provided with an internal report based on an independent assessment by an accredited body such as the BSI. The assessment will consist of a management capability score given against each of 11 control areas, which will be measured against five management principles. Organisations will be awarded one of four levels in the report – No, Bronze, Silver or Gold – depending on whether or not they have passed and how mature their processes are. It will also outline areas for improvement where needed. Those that pass, i.e. achieve either a Bronze, Silver or Gold rating, will be listed on the CSA Star Registry as Star Certified. Elaine Munro, head of global portfolio management at BSI, said: “Technological developments in the workplace and desire for employees to be able to work flexibly have led to an increase in business demand for cloud services. However, many organisations are wary of cloud services due to a variety of security concerns. “The STAR Certification will help alleviate this problem, as it will provide organisations and consumers with a clear benchmark on which to evaluate the performance of a cloud service provider,” she concluded. TAGS: Cloud Security BSICSASTAR certification programmecloud certification ISO 27001 2
Posted on: Wed, 25 Sep 2013 19:15:37 +0000
Trending Topics
Recently Viewed Topics
© 2015