SINGAPORE, 9 SEPTEMBER 2011 - The Cloud Security Alliance (CSA) Singapore Chapter yesterday ran its first-ever event called Cloud Security Alliance Summit 2011.
Set up since April this year, the not-for-profit organisation aims to establish itself as a common platform for both cloud vendors and end-users, said Freddy Tan, chairman, CSA Singapore Chapter. "We like to promote a trusted cloud ecosystem in Singapore," he said at the Summit.
Formed by representatives from cloud vendors and end-users, CSA aims to promote the use of best practices for providing security assurance within cloud computing. The Singapore Chapter has some 50 members, coming from cloud vendors and end-users.
One of the Singapore Chapter's first efforts is to conduct a joint survey called Cloud Data Governance, with its counterpart in Silicon Valley to find out current industry practices around data governance among cloud users and providers. Due to be published by the end of the year, the study aims to guide readers towards establishing control and transparency over data that is held in the cloud.
Another up-and-coming programme is the Security, Trust & Assurance Registry (STAR), a free, publicly accessible registry that documents the security controls provided by cloud providers. This will serve as a checklist for users to assess current or potential operators.
The Singapore Chapter is also in talks with various vendors to produce a series of workshops designed to help participants better understand and manage their data in the cloud. "It is said that the cloud becomes a black box for your data, instead we like to change it into a white box, guiding users on issues like file tracking and prevention of data-misuse," said Tan.
Meanwhile, the Singapore Chapter is one of the candidates to be appointed as the Asia Pacific headquarters by the global CSA, revealed Aloysius Cheang, Asia Pacific strategy advisor, CSA. "Singapore can be a beachhead for cloud vendors based elsewhere to enter the region and raise their visibility," he said.
When asked about whether the vendor representatives in the Singapore Chapter could be tempted to use the organisation to drive their own agendas, Cheang replied that each vendor would serve as a form of "checks and balances", while any reports and announcements by the Chapter will be vetted by all the members in the Singapore Chapter.
Sign up for CIO Asia eNewsletters.