The security practices were released to guide cloud customers, potential customers and cloud service providers on the latest obligations budding from the European General Data Protection Regulation.
Users interested in knowing more about the rules can go through the website of CSA GDPR Resource Center which acts as a repository offering resources and helps educate cloud service providers and enterprises on the new data protection regulations prevailing in Europe.
“As the world is witnessing shifting regulations over cloud computing, enterprises are finding it hard to keep up the pace with the latest. Thus, the Privacy Level Agreement(PLA) Working Group discovered that it was time to have proper guidance in place for startups and SMBs to achieve compliance with the EU data protection laws” said Francoise Gilbert, CSA lead and Co-Chairperson of PLA working group.
Gilbert added in his statement that the introduction of GDPR has increased the risk level for data protection compliance to many folds.
So, CSA has come up with necessary guidelines for legal compliance and to bring in necessary transparency on the level of data protection offered by the CSPs.
As per the details available to our Cybersecurity Insiders, the CSA Code of Conduct report elaborates security measures in three phases for startups-First from inception to growth and then towards maturity. Also, the report divides controls into three domains- application security, platform security, and security management- all to help company founders, CTOs, product managers and technology architects.
Furthermore, the report also addresses best practices and tips for choosing cloud platforms.