Blog Posts Tagged with "Cloud Security Alliance"


Understanding Cloud Security Part One

March 11, 2012 Added by:Neira Jones

The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...

Comments  (0)


The Patchwork Cloud - Security and Incentives

March 04, 2012 Added by:Rafal Los

A cloud service provider who isn't doing well at meeting security controls and requirements has two options - ignore the voluntary attestation and stay off the STAR registry, or only answer certain parts. This makes it impossible to have a level playing field...

Comments  (1)


The Cloud’s Low-Rent District

March 01, 2012 Added by:Dave Shackleford

How many CSPs would take security more seriously if they knew there was a provision in every contract stating that customers could publicly describe security failings and immediately move their data and systems elsewhere with no questions asked? I’m sure you’re saying yeah, right...

Comments  (1)


PCI DSS in the Cloud... From the PCI Council

June 23, 2011 Added by:Anton Chuvakin

The long-awaited PCI Council guidance on virtualization has been released. This guidance does not focus on cloud computing, but contains more than a few mentions, all of them pretty generic. Here are some of the highlights and my thoughts on them...

Comments  (1)


Application Software in the Cloud – Power to the People

June 08, 2011 Added by:Danny Lieberman

We all use the term ”IT Governance” as if security of data was dependent on policy. Since we have lots of IT governance and lots of data breaches, we may safely assume that writing procedures while the hackers attack software and steal data is not an effective security countermeasure...

Comments  (0)