The CSA recently announced that the STAR Program will now allow a one-time, first-year only, Type 1 STAR Attestation report. What is a Type 1 versus Type 2 examination and what are the benefits for starting with a Type 1 examination?
According to a recent survey published by RightScale Inc., more than 90 percent of businesses use some form of cloud technology. The benefits of using the cloud are clearly undeniable, but that doesn’t mean getting set up and running on the proper solution for your organization is effortless.
In 2014, researchers with Carnegie Mellon University and Intel discovered a potential attack against computer memory, one that attacked the electrical properties of the hardware rather than attacking a weakness in software. The attack, colloquially known as Rowhammer, works against the properties of modern computer memory, specifically the layout of memory spaces in rows.
Can an organization do a certification and an attestation? Yes. The certification has the prerequisite that you have gone through the ISO 27001 certification, but the attestation does not have any prerequisites. The attestation and certification are two separate examinations, but you can do both at the same time for efficiency.
The CSA Security, Trust and Assurance Registry (STAR) program was designed by the Cloud Security Alliance as a method for providing assurance regarding the security of a cloud service provider (CSP). The program consists of the STAR Certification and the STAR Attestation, both of which utilize the Cloud Controls Matrix (CCM) as the control framework; however, there are important differences to note between the two. So which is a better fit for your organization? Perhaps the following information will help you decide, since there are important differences to note between the two.
Originally published at cloudsecurityalliance.org Today, consumers have an increasing interest in implementing cloud solutions to process and store their data. They are looking to take advantage of the benefits provided by cloud computing, including flexibility, cost savings, and availability. Fortunately, there are many cloud solutions available to consumers, touting cloud computing features such as multi-tenancy, virtualization, or increased collaboration. But is it really a cloud service?
Surprisingly, business leaders—not IT departments—are the driving force behind six out of 10 migrations to the cloud. These leaders are often bothered by the nagging question, “Is the cloud secure?” This question is usually followed by a series of debates about just how secure the cloud is.
Co-Authored with Kurt Long from Fairwarning and originally published on informationsecuritybuzz.com Today’s modern CRM systems are vital to your business’ success. CRM data now holds every aspect of your business’ proprietary information from corporate intelligence to sales data; as well as your customers’, from buying patterns to PII. A data breach to your CRM could be devastating to your organization resulting in lawsuits or irreparable harm to your brand’s reputation and customer trust. With so much at stake, here is what you need to know to protect your CRM.