Cloud Security Alliance Releases Guidelines on Effectively Managing 
Security Service in the Cloud

Newest paper offers clearly defined security responsibilities for vendors, customers 
across various cloud-service models

SINGAPORE – October 11, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released its latest research report, “Guidelines on Effectively Managing the Security Service in the Cloud.” The paper was announced at the annual APAC Summit held in conjunction with Cloud Expo Asia 2018 and provides cloud service providers (CSP) and their customers with clear-cut recommendations for building and managing cloud security services.

Authored by the Cloud Security Services Management (CSSM) Working Group, the new guidelines address a critical need stemming from today’s widespread usage of cloud—clearly defined security responsibilities for both vendors and their customers across various cloud-service models. While the shared responsibility model provides excellent guidance, many of the standards and specifications it touches upon target CSPs’ security responsibilities rather than those of customers, especially those with little to no cloud security knowledge.

With this latest set of guidelines, organizations can establish a baseline to:

  • ensure the secure running of service systems;
  • clarify their own security responsibilities, as well as those of their CSPs;
  • better understand what security assurance features should be enacted in response to those responsibilities; and
  • identify existing gaps and best practices for addressing them.

“We developed the guidelines with cloud customers in mind, especially for small and medium enterprises that lack professional security teams to design, deploy, and operate secure cloud services in various cloud environments. At the same time, CSPs can leverage the guidelines to better understand and build their shared-responsibility security capabilities,” said Dr. Chen Kai, cybersecurity ecosystem specialist for Huawei Technologies Co. Ltd., and chair of the CSSM Working Group.

“Since no two CSPs are the same, selecting the right CSP is crucial to customers’ long-term success. These guidelines will help cloud customers make informed decisions on selecting CSPs that best complement their organizations’ specific needs. For CSPs and cloud service security integrators, it provides guidance to building cloud platform security assurance systems, augmenting reliability and assurance to customers,” added Dr. Chen.

CSA would like to extend thanks to all CSSM Working Group members, as well as those who have contributed to the guidelines in an effort to create a more inclusive and safer cloud community.

Learn more about CSSM. Those interested in contributing to the CSSM Working Group’s body of knowledge are invited to join the group.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security- specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

Media Contact


Kari Walker for the CSA
ZAG Communications
703.928.9996
[email protected]

Share this content on your favorite social network today!