US-based not-for-profit Cloud Security Alliance (CSA) has unveiled a free initiative designed to encourage transparency of security practices within Cloud providers.
To be known as the CSA Security, Trust and Assurance Registry (STAR), it will be a publicly accessible registry documenting the security controls provided by various cloud computing offerings.
The initiative, expected to go live in Q4 this year, aims to enable CIOs to more effectively assess the security practices of providers they currently use or are considering contracting with, thereby accelerating the due diligence process and leading to higher quality procurement experiences.
CSA STAR is open to all Cloud providers and allows them to submit self-assessment reports that document compliance with CSA-published best practices. According to CSA, the increased transparency will encourage Cloud providers to make security capabilities a key market differentiator.