Blog Posts Tagged with "Cloud Security Alliance"
March 11, 2012 Added by:Neira Jones
The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...
March 04, 2012 Added by:Rafal Los
A cloud service provider who isn't doing well at meeting security controls and requirements has two options - ignore the voluntary attestation and stay off the STAR registry, or only answer certain parts. This makes it impossible to have a level playing field...
March 01, 2012 Added by:Dave Shackleford
How many CSPs would take security more seriously if they knew there was a provision in every contract stating that customers could publicly describe security failings and immediately move their data and systems elsewhere with no questions asked? I’m sure you’re saying yeah, right...
June 23, 2011 Added by:Anton Chuvakin
The long-awaited PCI Council guidance on virtualization has been released. This guidance does not focus on cloud computing, but contains more than a few mentions, all of them pretty generic. Here are some of the highlights and my thoughts on them...
June 08, 2011 Added by:Danny Lieberman
We all use the term ”IT Governance” as if security of data was dependent on policy. Since we have lots of IT governance and lots of data breaches, we may safely assume that writing procedures while the hackers attack software and steal data is not an effective security countermeasure...
Tips for Writing Good Security Policies... Sofia Joseph on 12-26-2014
Freedom versus Security... Jessie H. Beall on 12-26-2014
Freedom versus Security... Jessie H. Beall on 12-25-2014