Security as a Service Implementation Guidance documents published!

The Security as a Service working group implementation guidance papers have now all been published and are available for free download from the Cloud Security Alliance website.

These provide a great overview of, and guidance around the 10 categories of security as a service that we identified last year.  The 10 documents have all been created using a standard template to ensure they are easy to use and understand.

Each document contains the following sections;

1. Introduction; Brief overview of the service, along with intended audience and the scope of the document.

2. Requirements Addressed; An overview of the business / security requirements that the service can address.

3. Considerations and Concerns; Details of areas to consider and potential risks / concerns when implementing the cloud based service.

4. Implementation Guidance; This section is the meat of the document providing guidance for anyone looking to implement the service usually including diagrams of example architectures or architecture components.

5. References and Useful Links; References used in the creation of the document and useful links for further research.

The documents and their download links are shown below;

Category 1 // Identity and Access Management Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat1-1.0.php

Category 2 // Data Loss Prevention Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat2-1.0.php

Category 3 // Web Security Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat3-1.0.php

Category 4 // Email Security Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat4-1.0.php

Category 5 // Security Assessments Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat5-1.0.php

Category 6 // Intrusion Management Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat6-1.0.php

Category 7 // Security Information and Event Management Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat7-1.0.php

Category 8 // Encryption Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat8-1.0.php

Category 9 // Business Continuity / Disaster Recovery Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat9-1.0.php

Category 10 // Network Security Implementation Guidance;

https://cloudsecurityalliance.org/wp-content/themes/csa/download-box-secaas-ig-cat10-1.0.php

If you are planning on implementing and of the Security as a Service categories, need to evaluate them, or just want to know more, please feel free to download these documents.  I hope you find them interesting and useful.

If you have any feedback for the documents don’t hesitate to provide it either via the comment section of this blog, or directly via the CSA website.  If you are interested in getting involved and contributing to the next steps of this research we are always looking for more volunteers!

Get involved via the ‘get involved’ link;

https://cloudsecurityalliance.org/research/secaas/#_get-involved

K

Advertisements

Author: Kevin Fielder

Innovative and dynamic security professional, with a passion for driving change by successfully engaging with all levels of the business. I am a determined individual with proven ability to provide security insights to the business, in their language. These insights have gained board buy in for delivering security strategy aligned to key business goals. This is achieved by understanding the need to drive change through people, process and technology, rather than focusing exclusively on any one area. I take pride in being a highly articulate, motivational and persuasive team-builder. I have a strategic outlook with the ability to engage with and communicate innovative and effective security solutions to all levels of management. Along with a proven ability to translate security into business language and articulate the business benefits I am also passionate about leading security innovations and making security a key part of the business proposition to its customers. Security should be made a key differentiator to drive sales and customer retention, not just a cost centre! Outside of work I am a proud husband and father to an awesome family, and a passionate CrossFit coach and athlete.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s