Assessing Your IT Environment and Evaluating Cloud
October 9, 2012 | Leave a Comment
by John Howie, COO, CSA
In many conversations with IT leaders today we discovered a common problem: they need a simple way to understand systems, processes, current policies and procedures and be able to evaluate how the cloud may help them realize lower IT security costs, improve best practices, and perhaps most importantly -communicate that to their management team. After all, a move to the cloud needs to be a strategic one.
Today at RSA Europe Microsoft announced a new free Cloud Security Readiness Tool that helps organizations better understand and improve their IT state, identify relevant industry regulations based on selected industries, and evaluate whether cloud adoption will meet their business needs. The tool can speed the assessment process of anyone considering cloud services.
The CSA Security, Trust and Assurance registry (STAR) is our publicly accessible registry that documents the security controls provided by cloud service offerings. CSA STAR is open to all cloud providers, and allows them to submit self assessment reports that document compliance to CSA published best practices. The searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator. CSA STAR currently contains 13 entries from 11 vendors. I encourage companies to go check out this tool to help assess the benefits of adopting a STAR service.