Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

Press Releases

September 14, 2021 | ChannelPro

Latest Research from Cloud Security Alliance Offers Guidance on Designing Serverless Architecture, Adopting Cloud-Native Key Management Systems

Documents offer road maps to those looking to implement new systems within their organizations

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released two sets of guidance from its research working groups. The first, How to Design a Secure Serverless Architecture, offers specific security best practices for implementing applications on a serverless platform along with recommended controls application owners should adopt. Recommendations for Adopting a Cloud-Native Key Management System (KMS), meanwhile, provides project and program managers, among others, with general guidance for choosing, planning, and deploying a cloud-native KMS.

“Adopting a cloud-native KMS doesn’t need to be more complicated than the adoption of a public cloud service”

Tweet this

Written by CSA’s Serverless Working Group, How to Design a Secure Serverless Architecture [URL] provides application developers and architects, security and risk management professionals, and others involved in administering and securing systems with a set of best practices and recommendations for securing serverless applications. While it offers an extensive overview of a variety of threats, rather than detailing the more generic, cloud-related security aspects, the document focuses on the application owner and the threats facing applications on a serverless platform, specifically those aspects that change as a result of moving to a serverless service.

“IT organizations in nearly every industry are feeling pressure to quickly deliver value, get ahead of the competition, and provide customers with new experiences. Serverless platforms allow application teams to deliver value quickly, without having to manage the infrastructure the application runs on. As this movement gains steam, we can expect to see a proliferation of serverless platforms and more high-value applications being run on these platforms. Security concerns on serverless platforms are only going to grow, and organizations need to understand how to best protect themselves,” said Aradhna Chetal, one of the paper’s co-authors and co-chair of the Serverless Working Group.

Recommendations for Adopting a Cloud-Native Key Management System (KMS), which was written by the Cloud Key Management Working Group, addresses the technical, operational, legal, regulatory, and financial aspects of leveraging a cloud-native KMS, with the goal of optimizing business outcomes, including agility, cost, and compliance. It’s envisioned that the program or project manager will refer to the guidance as they lead their organization through the lifecycle stages covered within the document.

“Adopting a cloud-native KMS doesn’t need to be more complicated than the adoption of a public cloud service,” said Paul Rich, co-chair of the Cloud Key Management Working Group and a co-author of the paper. “However, because a KMS is often a core utility, its adoption warrants the same treatment you would apply to directory and other identity services. Like all information systems, it’s important to have the necessary talent available and give them sufficient time and guidance, all of which will go a long way toward successful adoption.”

The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between cloud service providers and key broker services. Those interested in participating in future research and initiatives involving cloud key management are invited to join the working group.

The Serverless Working Group seeks to develop best practices to help organizations looking to run their business with a serverless business model. Individuals interested in becoming involved in future serverless research and initiatives are invited to join the working group.

Download How to Design a Secure Serverless Architecture and Recommendations for Adopting a Cloud-Native Key Management System now.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at, and follow us on Twitter @cloudsa.


Media Contacts
Kari Walker for the CSA

Editor’s Choice

Exclaimer is Embracing MSPs With a New Program. Could Email Signatures Be Newest ‘as a Service’ Offering?

February 28, 2024 |

If you never thought email signatures could be a source of recurring revenue, think again. Managing it can help you and your customers monetize email in a way you probably never thought possible.

EXCLUSIVE INTERVIEW: Dell’s New Chief Partner Officer Denise Millard Gets Candid on AI

February 23, 2024 |

Dell’s new chief partner officer believes that 2024 is the year that artificial intelligence becomes “real” for businesses and consumers alike.

EXCLUSIVE INTERVIEW: Nerdio CEO Shares Insights on Integrating AI in MSP Operations

February 22, 2024 |

Fresh off of his company’s recent announcements, Vadim Vladimirskiy shares how Nerdio is committed to leveraging AI and other technologies to enhance the MSP experience.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience