In February of 2013, research firm Gartner predicted that global spending on cloud computing would grow from 77 to 210 billion dollars from 2010 to 2016. They also reckon there will be a 41.3% compound annual growth rate (CAGR) through 2016 of Infrastructure-as-a-Service. Wow! The good news is, at this rate of growth businesses and individuals will make significant gains in productivity and organization in the coming years. The bad news is without proper cloud security standards and protocols, cloud computing could pose a major security risk.
The Cloud Security Alliance was formed in 2008 in response to the massive uptake of cloud computing and the subsequent need for standardized security measures. Created as a not-for-profit, member-driven organization, the CSA uses evidence and collaboration to promote best practices for optimal security assurance within the cloud computing industry. They’ve also taken on the task of delivering education, training and offer certifications for individuals, official CSA Chapters, corporations and small businesses wishing to enhance their knowledge and security in the cloud.
The Perks of Membership
Those interested in membership can sign up for the CSA Announcements mailing list and stay up-to-date on research, events and training. Complimentary memberships based on minimal participation are also available. Through local CSA Chapters, groups of members and experts come together to share knowledge and practices and discuss the latest issues in cloud security. Membership is also open to small businesses whose annual revenue falls below three million US dollars with the SMB corporate members.
Security Incentives for Cloud Computing Service Providers
The CSA recently launched the Security, Trust & Assurance Registry (STAR) initiative. Designed to facilitate transparency of services and activities of cloud computing service providers, the STAR registry is a publicly accessible database that details security protocols and safety measures for cloud computing. According to the CSA this “searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher-quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator.”
To appear on the registry, service providers submit a self-assessment report outlining their adherence to best practices established by the CSA and its affiliates illustrating to their potential clients how IaaS, SaaS and PasS service providers are taking action to adopt up-to-date, effective security protocols.
Here Come the Experts
You can’t have rules and protocols without certified experts to oversee and quality check them. The CSA offers members a number of courses and certifications for newbies and experts wanting accreditation. Cloud Computing Security Knowledge (CCSK) certification is a comprehensive exploration of security fundamentals and serves as a precursor to the Certificate of Cloud Security Knowledge-Plus—a practical application of CCSK foundations through hands-on activities and training, including a simulated migration.