csa logo square 300x300 Cloud Security Alliance Publishes Guidelines for Mobile Security and Data ManagementWith the aim of offering an assessment of the current situation of mobile computing and current threats to protect them, the Cloud Security Alliance (CSA) has published a guide specializing in critical areas with recommendations on best practices in this area.

The CSA has updated its Cloud Control Matrix (CCM) with recommendations of best practices for securing the cloud. The CCM Version 3.0 document, “Security Guidance for Critical Areas of Focus in Cloud Computing version 3.0” addresses information security risks over the access of, transfer to, and securing of cloud data in the mobile security; supply chain management, transparency and accountability; interoperability and portability; encryption and key management domain.

The document provides an assessment of the current situation of mobile computing as well as details of the main threats that exist today in this area. Mobile computing has changed the way we work, ushering in a new era of productivity and efficiency. But implicit in the benefits of mobility ultimately have a cost in terms of ensuring that established security protocols are applied consistently and correctly.

CSA recommends a clearly-defined mobile use policy. The policy can dictate how the device is secured, what information it stores and what data on the device the business has access to. It also addresses the threats and concerns IT professionals in regards to mobile computing. With an introduction to each of the main components of mobile computing, including trends such as Bring Your Own Device (BYOD) authentication, application stores, mobile device management (MDM) and security, many users lack a fundamental policy to control which services they can access from their mobile devices.

Besides preserving data security and management of a large number of personal devices, companies must also take into account the new set of legal and ethical issues that may arise when employees are using their own resources to do their jobs. Companies that are not protected by policies in workplace are exposed to great financial risk.

The CSA also recommends new guidelines for supply chain management, transparency and accountability. The report said that customers should have a clear understanding of exactly how data is handled by their provider. They should be aware of service-level agreements (SLA) and security controls but also some understanding on underlying infrastructure as a service (IaaS).

The CSA CCM provides a controls framework including other industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001/27002, ISACA COBIT, PCI, NIST, Jericho Forum and NERC CIP.

CCM adoption gives cloud providers a manageable set of implementation ready controls that are mapped to global security standards. For customers, it acts a catalyst for dialogue about the security posture of their service providers, something that before the CCM existed was impossible.

Hottest IT Skills in 2013 – Cloud, Mobile and BI
In 2012, more than 1.7 million jobs in the field of cloud computing remained unoccupied, according to analysts firm IDC. READ MORE
How Cloud Computing Influences Digital Marketing
Cloud marketing has the ability to drastically change the ways in which they reach and engage their audience, particularly with regard to distributing and storing mission-critical data. READ MORE
Gartner: BYOD to Take Center Stage For Mobile App Use by 2017
More and more companies encourage their employees to work on their devices, thus reducing the cost of computer equipment, but also increase the cost to maintain licenses and safety. READ MORE
Maturity in the Cloud: Start Thinking Like a Grown-Up
Despite the inclination to wait until all of the cloud’s kinks have been worked out, holding off on cloud initiatives until the industry matures won’t guarantee success. READ MORE
PwC: Cloud, SaaS and Mobile Are Changing Software Industry
The software industry is undergoing major changes by trends such as cloud, SaaS, mobile technology and the “consumerization of IT”. READ MORE
10 Cloud Computing Game Changers
Here are the ten most influential cloud computing companies, and the reason why. READ MORE