CSA aims to give startups a leg-up in cloud security with new report
If you’re starting a small business, then you’re probably going to be utilising cloud technologies, for cost saving if nothing else. But without security, your ambitions could be over before they have begun.
A new whitepaper from the Cloud Security Alliance (CSA) aims to help software as a service startups build solid security foundations early into the product development cycle and gain customer trust in the process.
The key for startups, according to the paper, is to plan their security posture according to the progress they make in funding and product development. In the inception phase – when money is tight – startups need to focus on laying building blocks for potential security need. When the first paying customers arrive, the strategy should accelerate, and then when the company has a solid presence, a more mature security posture needs to come through.
There are various tips throughout the paper. For a start, the CSA recommends organisations be transparent about their security. “Offering your clients some useful security insights regarding the best ways to integrate your service into the client’s environment may position you as a trusted advisor,” the report notes. “This proactive approach may help you earn your client’s appreciation when they go to evaluate your company’s security risks.”
Another key is for organisations to understand the shared responsibility model – a bugbear this publication has frequently noted – as well as considering deploying to more than one region in its cloud provider platform to increase resilience to region-level failures.
“In today’s risk environment, young startups find themselves challenged on how to best align security with current and future business growth,” said John Yeoh, research director at CSA in a statement. “In creating this paper, we hope that startups, regardless of industry or geography, will find it a valuable tool in understanding, addressing and applying trusted and best practices for creating a secure computing environment.”
You can find out more about the report here (registration required).
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » Is the cloud the next thing for long-term data retention? Looking at the key vendors in the space
- » You've got 99 problems when it comes to public cloud compliance – but cryptojacking may not be one
- » Exploring the evolution of Kubernetes to manage diverse IT workloads
- » Why 86% of enterprises are increasing their IoT spending in 2019
- » How IT services are adapting to ongoing digital transformation