- Cloud Security Alliance

advertisement
Keynote
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Paul Simmonds
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Global, not-for-profit organization
Over 23,000 individual members, 100 corporate members,
50 chapters
Building best practices and a trusted cloud ecosystem
Agile philosophy, rapid development of applied research
GRC: Balance compliance with risk management
Reference models: build using existing standards
Identity: a key foundation of a functioning cloud economy
Champion interoperability
Enable innovation
Advocacy of prudent public policy
“To promote the use of best practices for providing security assurance within Cloud
Computing, and provide education on the uses of Cloud Computing to help
secure all other forms of computing.”
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Updated content
Technologically comprehensive
Internationally accepted format and structure
Broadest possible contributor base
Peer reviewed domains
Easily translatable
Ready for Standards submissions
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
One comprehensive, C-level, best practice
A stable, secure baseline for cloud operations
A practical, actionable road map for managers
Technologically comprehensive
Incorporating lessons learned from the CSA GRC
Stack and Trusted Cloud Initiative and the various
other CSA activities
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Domains have been rewritten to emphasize;
Security
Stability
Privacy
Incorporating lessons learned from;
CSA GRC Stack
Trusted Cloud Initiative
The various other CSA activities
Controls focused data ownership while in a shared
physical infrastructure
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
“Cloud” has developed in the two years since the
publication of 2.1
2.1 guidance can be inconsistent
Thinking on cloud, the tools, and the techniques have
evolved
Standard in use have firmed-up
Some recommendations need to be deprecated
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Three global editors
Editorial Working Group
Archie Reed
Paul Simmonds
Chris Rezek
Endeavouring to present a measured and
balanced product meeting the interests of
both cloud providers and cloud consumers
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Domain
Review Begins Review Ends
Status
Domain 1: Cloud Computing Architectural Framework
Sept 13, 2011
Sept 24, 2011
Closed
Domain 2: Governance and Enterprise Risk Management
Sept 16, 2011
Sept 27, 2011
Closed
Domain 3: Legal Issues: Contracts and E-Discovery
Sept 20, 2011
Oct 01, 2011
Closed
Domain 4: Compliance and Audit
Sept 22, 2011
Oct 03, 2011
Closed
Domain 5: Information Management and Data Security
Sept 19, 2011
Sept 30, 2011
Closed
Domain 6: Portability and Interoperability
Sept 13, 2011
Sept 24, 2011
Closed
Domain 7: Security, Business Continuity & Disaster Recovery
Sept 24, 2011
Oct 05, 2011
Closed
Domain 8: Data Center Operations
Sept 21, 2011
Oct 02, 2011
Closed
Domain 9: Incident Response, Notification, and Remediation
Sept 22, 2011
Oct 03, 2011
Closed
Domain 10: Application Security
Sept 13, 2011
Sept 24, 2011
Closed
Domain 11: Encryption and Key Management
Sept 21, 2011
Oct 02, 2011
Closed
Domain 12: Identity and Access Management
Sept 16, 2011
Sept 27, 2011
Closed
Domain 13: Virtualization
Sept 13, 2011
Sept 24, 2011
Closed
Domain 14: Security as a Service
Sept 29, 2011
Oct 10, 2011
Open
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Aiming for publication by the
Orlando conference
Lots to do to hit this deadline!
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Review and critique
(thank you for all the effort to date)
It does not stop with V3.0 . . . . !
Promote it’s existence
Read it
Use it
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Help Us Secure Cloud Computing
www.cloudsecurityalliance.org
[email protected]
LinkedIn: www.linkedin.com/groups?gid=1864210
Twitter: @cloudsa
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance
www.cloudsecurityalliance.org
Download
Related flashcards
Create Flashcards