The Cloud Security Alliance (CSA) is a leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Organizations listed as CSA Trusted Cloud Providers are CSA Corporate Members that have completed additional training and volunteer requirements with CSA. Fulfilling these requirements demonstrates a commitment to the professional development of the organization’s employees to achieve cloud security competency, and a commitment to the industry at large.

Britive is pleased to announce it is now recognized as a Trusted Cloud Provider by CSA.

To obtain this status, Britive fulfilled the following requirements:

  1. Member of CSA
  2. Completed a Consensus Assessment Initiative Questionnaire (CAIQ), which offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix
  3. Completed the CSA Certificate of Cloud Security Knowledge (CCSK) training
  4. Demonstrated activity and engagement in the CSA membership

CSA’s STAR Registry (Security, Trust, Assurance, and Risk Registry) was founded in 2013 by the Cloud Security Alliance. The STAR registry encompasses key principles of transparency, rigorous auditing, and cloud security and privacy best practices.

Britive is currently a STAR Level 1 member, meaning the company has submitted a security and privacy self-assessment, which is based off of the Cloud Controls Matrix and the CSA Code of Conduct for GDPR Compliance.

CSA’s Cloud Control Matrix is a cybersecurity control framework for cloud computing.

Composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology. It can be used as a tool for the systematic assessment of a cloud implementation, and provides guidance on which security controls should be implemented by which actor within the cloud supply chain. The controls framework is aligned to the CSA Security Guidance for Cloud Computing, and is considered a de-facto standard for cloud security assurance and compliance.

The CCM now includes the following:

  • CCM v4 Controls
  • Mappings
  • CAIQ v4
  • Implementation Guidelines
  • Auditing Guidelines
  • CCM Metrics

If you have questions about CSA, or would like to speak to us about our status as a Trusted Leader, please contact us today.