The Cloud Security Alliance (CSA) on Thursday announced the selection of a first round of "trusted providers" for cloud security.
In a press announcement, the group said a Trusted Cloud Provider “trustmark” will get displayed on each organization’s CSA Security, Trust, Assurance & Risk (STAR) registry. The CSA hopes this will assist security teams in identifying cloud providers that demonstrate a commitment to holistic security. More than 50 providers have been pre-qualified for the inaugural group.
Jim Reavis, the CSA’s co-founder and CEO, said CSA STAR and FedRAMP for the U.S. federal market are both cloud provider certification programs, but CSA STAR started a year before FedRAMP and its registry consists of a much larger repository of cloud provider security statements.
“This new CSA Trusted Cloud Provider program builds upon CSA cloud provider certification to also quantify the credentialing of provider personnel and their contributions to industry projects,” Reavis said. “This is intended to offer transparent B2B marketplace intelligence so businesses can better evaluate the security commitment and accomplishments of cloud providers.”
To become a CSA Trusted Cloud Provider, companies must meet the following criteria:
- Have a current entry in the CSA Security, Trust, Assurance & Risk (STAR) registry.
- At least one current member of staff must have achieved the CSA Certificate of Cloud Security Knowledge (CCSK).
- Sign on as a corporate member and volunteer at least 20 hours annually to CSA for activities such as research working groups, chapter events, blog posts, and other work for the good of the cloud community.
CSA will announce the first round of Trusted Cloud Providers at SECtember, its annual conference, which will run September 13-17 in Seattle.