Skyhawk Security has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that Skyhawk has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM).
CSA STAR Level 1 (self-assessment) documents the security controls provided by various cloud computing offerings, helping users assess the security of the cloud providers they currently use or are considering using. In order to achieve CSA STAR Level 1, cloud providers must submit the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CCM.
CSA STAR is a free, publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. It encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in CCM and allows organizations to show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks to which they adhere. Developed to ensure cloud service providers are better able to maintain data confidentiality, integrity, and availability, CSA STAR is the industry’s most powerful program for security assurance in the cloud.
Participation in the STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings. It consists of two levels of assurance (self-assessment and third-party certification), based upon:
- The CSA Cloud Controls Matrix (CCM) v4, a cybersecurity control framework for cloud computing. It is composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology. It can be used as a tool for the systematic assessment of a cloud implementation, and provides guidance on which security controls should be implemented by which actor within the cloud supply chain. The controls framework is aligned to the CSA Security Guidance for Cloud Computing, and is considered a de-facto standard for cloud security assurance and compliance.
- General Data Protection Regulation (GDPR) Compliance with the EU Cloud Code of Conduct (CoC).
View Skyhawks CSA Registry entry here: https://cloudsecurityalliance.org/star/registry/skyhawk-security.
About the Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
