By John Howie, COO, Cloud Security Alliance
In keeping with our CSA mission to promote best practices for providing security assurance, I have a few resources to share that can help organizations understand cloud computing trends and assess their own current IT environment with regard to security, privacy and reliability practices, policies and compliance.
Microsoft released a new Trends in cloud computing report, which analyzes the results of current IT maturity and adoption practices of organizations worldwide that have used the free Cloud Security Readiness Tool (CSRT). The report data consists of answers provided by approximately 5700 people whose anonymized responses to the CSRT’s 27 questions were collected over a six-month period between October 2012 and March 2013.
This report helps organizations understand current cloud computing trends and evaluate IT security areas that are strengths and weaknesses. For example, areas of strength for those who utilized the tool are information security (through deployment of antivirus/antimalware software), security architecture, and facility security whereas areas of weakness are human resources security, operations security, information security (through consistent incident reporting), legal protection and operations management. I encourage you to read the report and see how these trends are evolving over time.
A few months ago CSA recommended Microsoft’s Cloud Security Readiness Tool (CSRT). The CSRT helps organizations review and understand their IT maturity level and their readiness to consider adopting or growing cloud services. The tool’s foundation builds on the Cloud Security Alliance’s Cloud Control Matrix (CCM) to ensure a common set of controls objectives are used to evaluate organizations maturity. The tool is a simple way to adopt Security, Trust, and Assurance Registry (STAR) and CCM principles.
The CSRT tool helps organizations understand their IT readiness so they are in a better place to make informed comparisons and evaluate the benefits of cloud adoption.