How much will Cloud Security Alliance's STAR program do to increase transparency of cloud security?

TheCount16 weeks ago

It is difficult to really evaluate the security practices of different cloud providers. For the most part, you just have to take them at their word. I've heard about a new program called the Security Trust and Assurance Registry (STAR) that is supposed to introduce a standard questionnaire that members complete to provide a standard of comparison so that potential customers searching for a cloud provider can make an informed decision when security is of concern (which is pretty much always). So far of CSA members, only Microsoft, Mimecast and Solutionary have agree to publication of their STAR responses. Will this actually help customers make knowledge based decisions, or is STARs a marketing gimmick?

Tags: cloud, security, STAR

Topic: Cloud Computing

Answer this Question

Login or register to post answers
Permalink

Answers

2 total

jimlynch 16 weeks ago

I think it's a step in the right direction, and it may be useful as more providers sign onto it. Certainly having Microsoft involved lends it a certain amount of credibility.

Perhaps though it will be left to the users to try to encourage or force companies to participate. If enough users contact their providers and ask about it, it will probably wake up the providers to the need to provide this data.

So it's not perfect, but the industry has to start somewhere to build confidence among customers. This seems like a good step in that direction and I hope more companies will jump on the bandwagon and participate.

Share this answer
Permalink

jlister 16 weeks ago

Hopefully more than just three companies will release the information. If they do, I could see it being very helpful, depending on the depth of the questionnaire. I did a little research, and read that the questionnaire is developed according to ISO standards, which gives it some credibility, although it was not clear to me that it indicates that members actually MEET the ISO standard. I would much rather see ISO certifcation than anything else to make sure that a process is being strictly followed. I think the greatest benefit is the ability to at least compare how different companies respond to the questions, so there is something of an apple to apple comparison possible between different providers.

Share this answer
Permalink

Answer this Question

Ask a question

Quickbooks Online outage leaves some customers in sour mood

Intuit's Quickbooks Online service suffered an outage this week that left "a small subset" of customers unable to access their data, but the company says the problems with the on-demand accounting software have now been fixed.

Warren Buffett goes long on papers, says free news won't last

Buffett just bought 63 more newspapers. Is he locking up a dying market, or will paywalls revive papers?

Minnesota state government executive branch picks Microsoft to improve e-mail, collaboration

The Executive Branch of the Minnesota state government had its 40,000 end users on a mishmash of e-mail systems when in 2008 its IT group, the Office of Enterprise Technology (OET), decided to tackle the problem.

Customizable cloud SLAs on the way, researchers predict

Service-level agreements and legal standards for cloud offerings will become more customized to individual customers and vertical industries as the cloud market continues to mature and providers look for ways to differentiate their offerings, researchers at the University of London predict.

About 4.5 million Catholic school students to get Office 365

About 4.5 million Catholic school students will get access to Microsoft's Office 365 cloud e-mail and collaboration suite as part of a 3-year deal the software vendor struck with the Catholic International Education Office (OIEC).

Spotify deploys Salesforce Rypple for social enterprise

Digital music service Spotify is using employee performance management software from Salesforce.com to drive engagement within the company and make giving feedback more social.

McLaren CIO uses SAP's HANA to scale back on ‘expensive PhDs’

McLaren CIO Stuart Birrell has said that he is using SAP’s in-memory HANA technology to try and scale back on using “expensive PhD” skills within the group’s Formula 1 teams.

De Vere hotels consolidate online brands through private cloud

The De Vere hotel group has created a private cloud architecture to help consolidate its online brands.

Box to beef up IT administration features of cloud content management software

Box will start letting customers test a new set of IT administration controls for its cloud-hosted enterprise collaboration and content management software on Thursday.

10 years later, Alcatel-Lucent revisits Cisco and Juniper in the core

Alcatel-Lucent is set to give Cisco and Juniper another run for the money in core routing 10 years after its initial attempt failed.

White Papers & Webcasts

White Paper

IDC Vendor Spotlight

Your company needs backup and recovery that supports a tiered-recovery model. This IDC Vendor Spotlight examines the modern forces driving the advancements in today's data protection technologies, and a complete backup and recovery solution that works across physical, virtual and cloud environments.

White Paper

vRanger Helps Cut Replication Time by Almost 70%

There's a reason why more than 38,000 customers trust vRanger to protect their critical virtual data! In this Quest Software case study, see how vRanger helped Cornerstone Bancshares, Inc. cut replication time from days to minutes - and how this translated to real time and money savings.

White Paper

ESG: Product Brief: Quest vRanger 5.3 brings enterprise-class VMware protection to SMB's

Free paper: how virtualization impacts SMBs, and strategies for enterprise-class VMware protection

White Paper

Forrester Report: The ROI of Cloud Apps

Cloud apps continue to gain momentum in the enterprise as buyers are attracted to fast deployment speeds, low upfront costs, and ongoing flexibility to scale up or down as needs change. This report analyzes the five-year ROI for cloud apps across CRM, ERP, collaboration, and IT service management.

White Paper

The Cloud: Reinventing Enterprise Collaboration

Collaboration and content sharing are not, of course, new concepts. But cloud computing has changed the nature of collaboration, content sharing, document storage and project management to enable more efficient, faster-acting and cost-effective enterprises. According to a new study by IDG Research, the vast majority of knowledge workers (86%) placed a very high level of importance on collaborating with internal coworkers and external stakeholders, and having access to the most up-to-date corporate information. Read how organizations are realizing massive productivity gains by transitioning their content management solutions to cloud-based models.

See more White Papers | Webcasts