Cloud Security
In recent years more companies are moving towards cloud computing platforms, for the benefits and convenience these platforms provide. Cloud computing enables on-demand network access to a shared pool of configurable computing resources. Examples are networks, virtual machines, Hypervisors, storage, applications, and services). The configurable computing resources are flexible in nature. They simplify the challenges concerning resources so that users can focus on their bread & butter operation. Cloud computing enables optimized and efficient computing and cost reduction.
Depending on the user requirement, the cloud service model can be of three types: Software-as-Service (SaaS), Platform-as-Service (PaaS), and Infrastructure-as-Service (IaaS).
An organization can opt to offer its services on a public cloud or a private cloud. Numerous companies choose the hybrid model, a mix of on-prem and cloud offerings.
The CSA STAR Certification
International standards such as ISO 27018 are framed to protect the Personally Identifiable Information (PII) on a Cloud. On the other hand, ISO 27017 is the framework defined for Cloud Service Providers and Cloud Service Customers.
The CSA STAR certification is technology-neutral. It involves an independent assessment of the security of a cloud service provider. The certification takes in the requirements of the ISO/IEC 27001 Management System Standard and the CSA Cloud Controls Matrix.
CSA Cloud Controls Matrix is a specified set of criteria that measures the capability levels of the cloud service. It has 16 Domains and 133 Cloud Security Controls.
The technology experts from ARC Tech have immense experience working with the top IT companies globally. They can perform gap analysis and audit for CSA STAR, ISO 27018, and ISO 27017 standards.
We ensure your compliance by the following activities under our Cloud Security Service:
Gap Analysis
We perform a gap analysis to identify gaps in your infrastructure and crucial areas that need improvement.
Self-Assessment
We help in self-assessment by leveraging The Consensus Assessments Initiative Questionnaire (CAIQ).
Maturity Model
Our experts use the capabilities of the eGRC tool to perform the maturity analysis.
Policies & Procedures
Our experts can help the client in framing the required policies and procedures.
Internal Audit
Our experts have CSA STAR and ISO 27018 certifications. They can perform internal audits.
Certification
A discrete certification for CSA STAR and ISO 27018 does not exist. ARC Tech is an authorized supplier of PECB and can provide certification to an organization on ISO 27001 with endorsements for CSA STAR and ISO 27018/27017.
