Top 5 Cloud Service Provider Accreditations and Third-Party Auditor Reports

Cloud Service provider is responsible for protecting its infrastructure that runs all the services in the cloud. The Infrastructure is combination of hardware, software, networking, facilities etc. It is not possible for all customers to visit and inspect physical and technical security of the cloud data center hence all CSPs publish several third-party auditors report to validate its compliance. CSPs  provide reports from third-party auditors who have verified their compliance with a variety of computer security standards and regulations that is known as Cloud Service Provider Accreditation.

Compliance Program provided by Cloud Services Providers

Cloud Service providers ensure robust controls to secure their infrastructure, to protect client data. As virtual systems build over the cloud Infrastructure need also to be secured and it comes with shared responsibility and compliance. Cloud Data center environment comes with audit friendly features and standards to ensure client satisfaction about their data security. The IT infrastructure that CSP provides to its customers is designed and managed in orientation with security best practices and a variety of IT security standards due to economies of scale, including but not limited to the following:

AWS (Amazon) Security Certifications /Accreditation 

• Cloud Computing Compliance Controls Catalogue (C5)
• FedRAMP Partner Package
• Global Financial Services Regulatory Principles IRAP Package
• ISO 27001:2013 Certification and Statement of Applicability (SoA)
• ISO 27017:2015 Certification and Statement of Applicability (SoA)
• ISO 27018:2014 Certification and Statement of Applicability (SoA)
• ISO 9001:2015 Certification
• MAS TRM Guidelines Workbook
• PCI DSS Attestation of Compliance (AOC) and Responsibility Summary
• PSN Connection Compliance Certificate (CoCo)
• PSN Service Provision Compliance Certificate
• Quality Management System Overview
• Service Organization Controls (SOC) 1 Report
• Service Organization Controls (SOC) 2 Report
• Service Organization Controls (SOC) 3 Report
• SOC Continued Operations

 Microsoft Azure Security and Compliance Certifications / Accreditation 

• ISO 27001, FedRAMP, SOC 1 and SOC 2.
• The Content Delivery and Security Association (CDSA)
• Criminal Justice Information Services (CJIS)
• The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) CSACCM
• EU Model Clause
• FDA 21 CFR Part 11(The US Food and Drug Administration (FDA) Code of Federal
• Regulations (CFR) Title 21 Part 11)
• FedRAMP(Federal Risk and Authorization Management Program (FedRAMP)
• The Family Educational Rights and Privacy Act (FERPA)
• FIPS 140-2. Federal Information Processing Standard (FIPS) Publication 140-2
• The Health Insurance Portability and Accountability Act (HIPAA)
• IRAP (Australian Government Information Security Registered Assessors Program)
• ISO/IEC 27001/27002:2013
• Multi-Level Protection Scheme (MLPS) is based on the Chinese state standard issued by the Ministry of Public Security
• Multi-Tier Cloud Security Standard for Singapore (MTCS SS),
• Payment Card Industry (PCI) Data Security Standards (DSS) version 3.0
• TCS CCCPPF Trusted Cloud Service certification developed by the China Cloud Computing Promotion and Policy Forum (CCCPPF)
• UK G-Cloud. 

Google Security and Compliance Certifications / Accreditation

• SSAE16 / ISAE 3402 Type II:
• SOC 1
• SOC 2
• SOC 3 public audit report
• ISO 27017, Cloud Security
• ISO 27018, Cloud Privacy
• FedRAMP ATO for Google App Engine
• PCI DSS v3.2
• HIPAA
• CSA STAR
• MTCS Tier 3 Certification (Singapore)
• Google Cloud Platform and the EU Data Protection Directive 

IBM Security and Compliance Certifications / Accreditation

• FedRAMP
• FISMA
• FFIEC
• SOC Reports
• ISO 27001
• ISO 27017
• ISO 27018
• Cloud Security Alliance
• PCI Compliance
• HIPAA
• HITRUST Assessment
• GSMA (DAL09, PAR01)
• CJIS Standards
• EU Model Clauses
• Privacy Shield
• IBM ISO Management System Certifications

Related Read:

• What is Cloud Computing?
• Understanding Cloud Security & Data Protection in Cloud

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

Reference Links: Azure , AWS  ,Google ,IBM

• Author
• Recent Posts

Shatakshi

Latest posts by Shatakshi (see all)

• Cloud Data Center Locations for Top 3 CSPs (AWS, Azure & Google) - September 23, 2019
• CCSK Certification Training Material - September 21, 2019
• Cloud Security – How to Secure Cloud Environment? - December 24, 2018

Summary

Article Name

Top 5 Cloud Service Provider Accreditations and Third-Party Auditor Reports

Description

CSPs provide several reports from third-party auditors who have verified their compliance with a variety of computer security standards and regulations that is known as Cloud Service Provider Accreditations.

Author

Shatakshi Singh

Publisher Name

www.techyaz.com