Cloud service providers are encouraged to register in this program by providing a self-assessment report that documented their best practices and policies. The searchable registry will allow potential cloud users to review and compare the cloud service providers' security practices.
"Providers need to be very transparent, that is how we can achieve better assurance about security," said Reavis. "It is a fundamental right for consumer to ask [their providers about] what are the systems and the security policies."
According to Aloysius Cheang managing director APAC of CSA, there are currently 32 cloud service providers registered in this program. Cheang noted CSA aims to drive more cloud service providers in the region to participate in this program.
Another CSA global initiative that Cheang aims to bring to promote within the region is the Open Certification Framework. The program develops different certification programs that fit specific markets and regulatory needs for both individual security professionals and cloud service providers.
He added CSA will announce its Asia Pacific headquarter(s) by end of June. Hong Kong, Singapore and Malaysia are among the locations under consideration.