The Cloud Security Alliance (known affectionately as CSA) today published the second version of its “Guidance for Critical Areas of Focus in Cloud Computing” which you can download from the CSA website. As full disclosure, I am co-chair of the Solution Provider group within the CSA along with my esteemed colleague Tim Matthews from PGP .
An excerpt from the CSA press release concisely describes the document’s value:
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The whitepaper, “Guidance for Critical Areas of Focus in Cloud Computing – Version 2.1”, outlines key issues and provides advice for both Cloud Computing customers and providers within 13 strategic domains. Version 2.1 provides more concise and actionable guidance across all domains, and encompasses knowledge gained from real world deployments over the past six months in this fast moving area.
I am gratified that my Trend Micro colleague, Justin Foster, contributed to the guidance (thanks Justin!).
If you are an enterprise considering deploying applications containing sensitive information into the public cloud, the V2.0 guidance will have some valuable nuggets of information to securely use the public cloud.