Security Certifications and Promoting Cloud Computing

Tuesday, September 14, 2010

Daniel Ruggles

4a907eba6a8d0223e39ee7d45672e26b

There is an abundance of certifications in the IT industry covering application development, project management, security, and vendor tool specific.  An interesting spin to all of this is a security framework tied specifically to cloud computing. 

The Cloud Security Alliance (CSA) published the second edition of its guidelines for secure cloud computing, delivering a document that sets out an architectural framework and makes a host of recommendations around cloud security.

NIST created a notional definition of Cloud Computing in October 2009 and CSA has provided a more elaborate definition on cloud computing, which has been the subject of much hype in recent years.  

According to the CSA, cloud computing environments feature on-demand, self-service consumption; allow broad access via networks; draw from a pool of shared computing resources; can be quickly scaled up or down depending on demand; and involve some type of metering to track usage.

The CSA's report tackles cloud security on 13 different domains, from governance issues like e-discovery, to compliance and audits to operational concerns such as disaster recovery, and application security and identity management.

Title

  1. Clouding Computing Architecture Framework
  2. Governance and enterprise Risk Management
  3. Legal and Electronic Discovery
  4. Compliance and Audit
  5. Information Lifecycle Management
  6. Portability and Interoperability
  7. Traditional Security, Business Continuity, and Disaster Recovery
  8. Data Center Operations
  9. Incident Response, Notification, and Remediation
  10. Application Security
  11. Encryption and Key Management
  12. Identity and Access Management
  13. Virtualization

This new security certification is called the Certificate of Cloud Security Knowledge, the designation is earned by studying "Security Guidance for Critical Areas of Focus in Cloud Computing, V2.1" and "Cloud Computing: Benefits, Risks and Recommendations for Information Security" and passing an online test. 

Let Daniel L. Ruggles  and the team at PM Kinetics, LLC help you navigate the complexities of IT Governance, Cloud Computing, Sourcing & Capital Planning, Vendor Management, IT Security, and Infrastructure planning & execution.

Possibly Related Articles:
10817
Cloud Security
Information Security
Cloud Security Cloud Computing
Post Rating I Like this!
Cdd3f176df2ea23c9762b19c10858a82
Paulo Jorge Morgado Thanks Daniel, excellent article on cloud computing
1287492175
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.