As a growing majority of companies now rely on 3rd party cloud based environments for business services, there is a demand for those organisations to prove their security credentials.
The Cloud Security Alliance (CSA) operate the Security, Trust, Assurance, and Risk (STAR) Registry which is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonisation of standards outlined in the Cloud Controls Matrix (CCM).
Navigating through the CSA Cloud Controls Matrix (CCM) can be onerous as the current checklist includes 261 questions across all relevant aspects of a cloud computing provider’s security.
BH Consulting are one of only 5 companies in the CSA Global Consultancy Program approved to offer consulting services (Ref Partner Registry: https://cloudsecurityalliance.org/global-consultancy/registry/).
As well as assistance to align with the security controls in the Cloud Controls Matrix, services also include:
Secure cloud design
Secure cloud implementation
Cloud assessment and compliance, risk management, and cloud security governance
BH Consulting help cloud providers to understand and meet the requirements of the Cloud Controls Matrix (CCM) and then assist them to complete the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CCM.
This information then becomes publicly available, promoting industry transparency and providing customer visibility into specific provider security practices. STAR Self-Assessments are updated annually.
Test the effectiveness of your information security management against the requirements of CSA STAR
Add to existing security certifications with this cloud computing provider specific standard
Achieve competitive advantage by achieving a listing on the Security, Trust, Assurance, and Risk (STAR) Registry