SaaS working group up and running

The Cloud Security Alliance (CSA) launched a Security-as-a-Service working group at the RSA conference in February, to help organizations evaluate and implement security solutions provided via the SaaS model.

So far much of the effort has focused on organizing the group, while the real work still lies ahead, says Michael Sutton, vice-president of security research at Zscaler and head of the working group.

CSA’s stated mission is to promote the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing.

The first part of the mission focuses on security technologies developed in the cloud, Sutton says, while the second focuses on leveraging the cloud to deliver security to other organizations — security that was traditionally delivered via software and appliances.

“To date, CSA has primarily focused on the first part of the mission statement,” Sutton says. The working group will focus on the second part. He says there’s no shortage of companies claiming to deliver security via a SaaS model, “however, there has been very little done to define [security as a service] and establish best practices. We aim to change that.”

Specifically, the working group will attempt to identify consensus definitions of what security-as-a-service means, categorize the different types of security as a service offerings, and provide guidance to organizations on reasonable implementation practices.

In terms of a timeline, the goal is to have service categories identified and adoption statistics presented by April, a subject matter expert guide completed by July, and a final implementation guidance draft ready by September.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.