CSA, ISO partner on cloud security standards

Cloud Security Alliance will have a key role in developing standards to help organizations measure cloud-based security controls

The Cloud Security Alliance (CSA) announced at the CSA Summit at Infosecurity Europe in London last week that it will partner with ISO to develop key standards for cloud security.

CSA says it will have a key role in the development of cloud security and privacy standards under ISO/IEC (International Organization for Standardization/International Electrotechnical Commission). It has established a Category C liaison relationship with ISO/IECs Joint Technical Committee 1/Sub Committee 27 (JTC 1/SC 27). Category C liaisons are organizations that make a technical contribution and participate actively in the working groups under SC 27.

[ Also on InfoWorld: Eric Knorr examines what cloud security really means. | Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

More on cloud computing and security

Organizations dependant on cloud services and the security executives charged with their safety will soon be able to measure cloud-based security controls using the same tools and measures currently used in traditional control structures, says Marlin Pohlman, CSA's global strategy director.

CSA will initially collaborate on two projects with the SC 27. One is a new work item proposal for cloud security, reinforcing previous work done on the Code of Practice for Information Security Management (ISMS) found in the ISO/IEC 27002 International Standard. The aim is to provide guidelines on information security controls for the use of cloud computing services based on ISMS security controls. The other project involves information security for supplier relationships.

"By working closely with ISO in the highly dynamic cloud computing environment, the industry can have confidence that CSA guidance will be enduring, and that they can align with it now," says Dave Cullinane, CSA chairman.

Read more about cloud security in CSOonline's Cloud Security section.

This story, "CSA, ISO partner on cloud security standards" was originally published by CSO.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies