By Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance
Compliance, assurance and vendor management are becoming more and more complex and resource-intensive issues, so we created STARWatch, a Software as a Service (SaaS) application designed to provide organizations a centralized way to manage and maintain the integrity of the vendor review and assessment process. Today, we’re excited to announce its official launch. Even more exciting is that we are emerging from Beta with more than 250 active licenses activated.
STARWatch delivers the content of the CSA’s de facto standards Cloud Control Matrix (CCM) and CSA’s Consensus Assessments Initiative Questionnaire v3.0.1 (CAIQ) in a database format, enabling users to manage compliance of cloud services with CSA best practices. It was designed to provide cloud users, providers, auditors and security providers with assurance and compliance on-demand. Additionally, it provides users the ability to:
- manage all cloud service providers and their own private clouds to assure a consistent security baseline is maintained;
- build and maintain a CSA Security Trust and Assurance Registry (STAR) entry and provide customers with rapid responses to their compliance questions;
- perform audits and assessments of cloud services/provider security;
- have a clear reference between CCM controls and the corresponding controls in other industry standards;
- leverage the STARWatch solution database format and technical specifications for integration within an organization’s cloud environment; and
- enabling sharing and peer reviewing of cloud services security assessments.
CSA STARWatch is free to CSA corporate members. Non-members may purchase licenses starting at $3,000 annually for an Expert license and $5,000 annually for Enterprise licenses. Learn more about CSA STARWatch.
STARWatch is part of the larger CSA STAR program, the industry’s most powerful program for security assurance in the cloud, which encompasses the key principles of transparency, rigorous auditing and harmonization of standards, with continuous monitoring. Currently there are 230 Cloud Service Providers in the STAR program, which includes STAR Self-Assessment, STAR Certification, STAR Attestation and C-STAR Assessment.