CSA, BSI launch cloud security cert program
The Cloud Security Alliance (CSA) and Australian business standards company BSI have launched a third-party security certification program for cloud providers.
The STAR Certification program assesses cloud providers’ security capabilities using ISO/IEC guidelines and the CSA’s own Cloud Control Matrix.
Companies looking to achieve STAR Certification will need to demonstrate compliance with the globally recognised ISO/IEC 27001 information security management standard.
Providers must also meet the various criteria of the Cloud Control Matrix, including sections covering data governance, information security and resilience.
Assessments will be carried out by CSA-accredited certification bodies such as BSI. There will be three levels of certification - gold, silver and bronze - based on the maturity of providers’ various processes.
BSI Managing Director Nick Koukoulas said the certification program will fulfil an unmet need. “In response to recent concerns raised by the government, both consumers and providers of cloud-based services have been asking for independent, technology-neutral certification to help them make more informed decisions about the services they purchase and use,” he said.
“In providing a rigorous, user-centric assessment, STAR Certification will provide an additional layer of transparency,” Koukoulas said.
Storage strategy in the multicloud era
Data has become the essential raw material in the strategic orientation of business, making data...
Private AI models: redefining data privacy and customisation
Private AI signifies a critical step forward towards a more secure, personalised and efficient...
Why having an observability strategy is critical for effective AI adoption
As organisations continue to adopt AI and put it to work in a variety of innovative ways, many...
