Cloud Security Alliance launches Hong Kong Macau chapter
By Sheila Lam, Computerworld Hong Kong 17-May-2012
Aiming to promote security best practices among cloud service providers, the Cloud Security Alliance (CSA) opened its Hong Kong and Macau Chapter on Thursday.
This follows the launch of the Cloud Security Alliance Australia chapter yesterday on Queensland's Gold Coast.
CSA is a non-profit organization with more than 330,000 individual members across 60 chapters around the world. The key goals of the local chapter are to enhance user confidence in cloud security, facilitate training and to encourage professional discussion to influence security practices in cloud computing deployments.
Chairman of the CSA Hong Kong and Macau Chapter Anthony Ma (pictured) told Computerworld Hong Kong the local chapter plans to engage in three major initiatives. One of the leading initiatives is to collaborate with Intel on a research in encryption for data transaction within and between different cloud environments.
The local chapter will also promote security best practices for both cloud service providers and users, as well as to develop standards and specifications between Hong Kong and Macau.
In addition, Ma noted the local chapter is participating in the Hong Kong's OGCIO cloud expert group to help tackle the issue of information security and data privacy protection.
"I believe this Hong Kong and Macau Chapter, riding on local efforts and exchanges with other chapters globally, will make commendable contributions and efforts towards enhancing user awareness and confidence in adopting cloud, and encouraging professional discussion in cloud security," said Daniel Lai, Hong Kong government CIO.
Visibility among cloud service provider
Apart from local initiatives, Ma added the Hong Kong and Macau chapter will also participate at the CSA's global initiatives.
One of them is CSA STAR (Security Trust Assurance Registry). Jim Reavis, co-founder and executive director at CSA noted the program aims to encourage transparency of security practices among cloud service providers.
Cloud service providers are encouraged to register in this program by providing a self-assessment report that documented their best practices and policies. The searchable registry will allow potential cloud users to review and compare the cloud service providers' security practices.
"Providers need to be very transparent, that is how we can achieve better assurance about security," said Reavis. "It is a fundamental right for consumer to ask [their providers about] what are the systems and the security policies."
According to Aloysius Cheang managing director APAC of CSA, there are currently 32 cloud service providers registered in this program. Cheang noted CSA aims to drive more cloud service providers in the region to participate in this program.
Another CSA global initiative that Cheang aims to bring to promote within the region is the Open Certification Framework. The program develops different certification programs that fit specific markets and regulatory needs for both individual security professionals and cloud service providers.
He added CSA will announce its Asia Pacific headquarter(s) by end of June. Hong Kong, Singapore and Malaysia are among the locations under consideration.