Le Lézard
Classified in: Science and technology
Subjects: NPT, EXE

Cloud Security Alliance Announces FedSTAR, a New Joint Certification System with FedRAMP

SEATTLE, May 14, 2018 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announces that it has partnered with the Federal Risk and Authorization Management Program (FedRAMP), at the U.S. General Services Administration (GSA). The two programs will work together to develop FedSTAR that offers mutual recognition between the two security programs based on a common framework for deployment, use and maintenance.

Cloud Security Alliance Logo. (PRNewsFoto/Cloud Security Alliance)

"FedRAMP and CSA's STAR are among the most used cloud certifications world-wide, however, because they are deployed separately and incompatible, cloud service providers (CSP) spend valuable resources in duplicating efforts to comply with both systems," said Kate Lewin, Federal Director, Cloud Security Alliance.

"Complying with multiple systems is not only confusing, costly and ineffective, but acts as a barrier to market entry for smaller companies. That's about to change with the development of FedSTAR. Now, CSPs will be able to earn two certifications with one audit, saving both time and money," she added.

Cloud service providers are in desperate need of tools they can use to analyze and assess their security posture, as well as use to conduct continuous monitoring. FedSTAR will provide processes and methodologies that allow CSPs to stop replicating steps that are common between FedRAMP and STAR. This collaboration will demonstrate the effectiveness and efficiency of joint efforts with the U.S. Government and industry to reduce compliance burdens on private-sector companies.

CSA and the GSA have agreed to establish a working group to begin work on bridging the gaps. The group will engage independent, third-party assessor companies to conduct a gap analysis between STAR and FedRAMP controls.

Further, the working group will seek input from all stakeholders, including cloud service providers, the security community (CISOs, risk managers) and Federal government as it sets out to determine which processes and procedures from each system can be recognized and accepted by both, including the Independent Third-Party Assessors certification processes, documentation format, and standards for mutual acceptance. Individuals and organizations interested in participating in the working group are invited to contact Katie Lewin, Federal Director, CSA.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud ? from providers and customers, to governments, entrepreneurs and the assurance industry ? and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

SOURCE Cloud Security Alliance

These press releases may also interest you

at 11:35
Ping Identity, the leader in Identity Defined Security, today announced new programs and benefits for its Technology Alliance and Channel Program partners, including a new online partner directory, app integrations...

at 11:32
Katie Stewart of the Software Engineering Institute (SEI) at Carnegie Mellon University to address RMA's 13th annual Governance, Compliance, and Operational Risk Conference regarding  lessons that the banking industry may learn from the defense...

at 11:30
SolderWorks LLC, a state-of-the-art hardware innovation lab, today announced the launch of its new education curriculum program. This new offering provides a classroom, innovation lab, and ecosystem partner learning experience...

at 11:30
Founder/CEO Leslie Magsalay-Zeller expands Pooki's Mahi® 100% Koffee KaKaotm coffee pods made from single-origin coffee with KrakaMokatm coffee for customers that enjoy naturally flavored chocolate, cacao, and mocha in 2018; feedback from customers...

at 11:30
LendingTree®, the nation's leading online loan marketplace, today released its analysis of how the housing market has changed since 2009. The study looks at the 50 largest metropolitan areas in the U.S. to see where...

at 11:30
The LF Deep Learning Foundation (LF DL), a Linux Foundation that supports and sustains open source innovation in artificial intelligence (AI), machine learning (ML), and deep learning (DL), announces Ericsson has become the newest Premier Member....

News published on 14 may 2018 at 09:33 and distributed by: