Amazon Registers AWS with CSA STAR

| by Daniel Rubio Follow 0 Followers on Aug 13, 2012. Estimated reading time: 1 minute |

A note to our readers: You asked so we have developed a set of features that allow you to reduce the noise: you can get email and web notifications for topics you are interested in. Learn more about our new features.

The Security, Trust & Assurance Registry (STAR) is an initiative by the Cloud Security Alliance (CSA) to document security controls offered by cloud computing providers. The registry recently received its biggest vote of confidence, as Amazon AWS, one of the first and biggest cloud providers, joined.

The CSA STAR started slowly in August 2011. Six months after its launch only three cloud providers had joined: Microsoft Office 365, Mimecast and Solutionary. Now nearing its one year anniversary, the CSA STAR now includes a a dozen cloud providers, among them major players like Amazon AWS, Microsoft Azure and

The CSA STAR tracks the security features offered by cloud providers with a standard 170+ point questionnaire. The survey includes questions on a broad range of security areas like: facility security, human resources security, risk management and security architecture. The questionnaire is available to all cloud providers. Once answered and submitted by a cloud provider, it undergoes an approval process by the CSA. Once approved the questionnaire is published to the public on the CSA STAR entries page.

The approach taken by the CSA registry is beneficial to both cloud providers and potential users of cloud computing. It lets decision makers perform due diligence on cloud security without the need to read through fragmented documentation or marketing driven content. For cloud providers, particularly the smaller ones, it lets them publish security offerings on a level playing field.

With security still being the number-one obstacle to cloud computing adoption according to many analyst and CIOs, the increased visibility of the CSA registry is well deserved. If the CSA registry continues on its same path, it may soon become a one-stop location for cloud providers to publish cloud security features and customers to decide from what's available in the market.

Rate this Article

Adoption Stage

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread


Login to InfoQ to interact with what matters most to you.

Recover your password...


Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.


More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.


Stay up-to-date

Set up your notifications and don't miss out on content that matters to you