A Trifecta of Cloud Security Transparency

If you have been following our Trustworthy Computing Cloud Fundamentals Video Series you have probably seen at least two videos where we discuss the importance of transparency in cloud security controls. In addition, we have shared how the Cloud Security Alliance’s (CSA) Security Trust and Assurance Registry (STAR) can help provide that transparency to cloud providers and cloud consumers.  If you haven’t seen these videos or would like a refresher, you can watch them here:

As you can see from these video interviews, both Office 365 and Windows Azure have self-assessments published in the CSA’s STAR.  This was an important step in demonstrating our commitment to transparency for our cloud customers.  As of late last week we are pleased to share that Microsoft Dynamics CRM has also published a self-assessment in the CSA’s STAR. 

The reason this is noteworthy is that it was driven by customers asking for assurances about the security practices and security controls that different cloud service provider’s use.   This information helps customers better understand whether those services meet or exceed their organization’s compliance obligations and internal standards.  The self-assessments for Office 365, Windows Azure, and Microsoft Dynamics CRM in the CSA’s STAR registry provides cloud customers with the visibility and transparency they are looking for, in a way that is based on standards (ISO 27001) and CSA best practices, for free.

For more information, you can download these assessments directly from the CSA’s website:

About the Author
Tim Rains

Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection

Tim Rains is Chief Security Advisor of Microsoft’s Worldwide Cybersecurity & Data Protection group where he helps Microsoft’s enterprise customers with cybersecurity strategy and planning. Formerly, Tim was Director Cybersecurity & Cloud Strategy in Trustworthy Computing at Microsoft, where he Read more »