More and more companies are moving their computing platform to cloud. Cloud computing provides a model for that is ubiquitous, convenient, and enables on-demand network access to a shared pool of configurable computing resources (e.g., networks, virtual machines, Hypervisors, storage, applications, and services). These resources are elastic in nature and the user does not have to be concerned about resource shortages and can concentrate in their bread & butter operation. Cloud computing provides the opportunities for cost reduction through optimized and efficient computing. The cloud service model can be Software-as-Service (SaaS) or Platform-as-Service (PaaS) or Infrastructure-as-Service (PaaS) depending upon what the user wants to offer. An organization can opt for a private cloud or offer their services through a public cloud. Many companies select the hybrid model which is mix of on-prem and cloud offerings
International standards like ISO 27018 is the framework for protecting PII on Cloud whereas ISO 27017 provides the framework for Cloud Service Providers and Cloud Service Customers.
The CSA STAR Certification is a rigorous third-party independent assessment of the security of a cloud service provider. The technology-neutral certification leverages the requirements of the ISO/IEC 27001 management system standard together with the CSA Cloud Controls Matrix, a specified set of criteria that measures the capability levels of the cloud service. There are 16 Domains and 133 Cloud Security Controls.
Our experts have helped Top IT companies in performing gap analysis and auditing for CSA STAR, ISO 27018 and ISO 27017 standards.