In an effort to better weigh the security of cloud-based infrastructures, the Cloud Security Alliance has released a new toolkit, the Governance, Risk Management and Compliance (GRC) Stack. Available as a free download on the organization’s website, the collection consists of three tools: CloudAudit, the Cloud Controls Matrix and the Consensus Assessments Initiative Questionnaire.
Designed for use by enterprises, cloud providers, security solution providers, IT auditors and others, the kit should help clear the air of contention surrounding cloud security as of late. The GRC Stack can assist in comparing public, private or hybrid clouds to industry standards. By helping assess the risk of cloud providers, the tool helps the Cloud Security Alliance put a face on the challenge marked by this new technology.
While it’s been well-documented that the privacy of the cloud is an issue, let alone the threat hackers pose, the CSA once again makes good on supplying the public with new cloud-based guidance.