printer friendly version

Mimecast releases CSA STAR-compliant security controls

Mimecast has announced that it has published its security controls in response to the standards set by the Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR). STAR encourages companies to post self-assessments of their cloud services to prompt informed purchasing decisions. To date, Mimecast is one of only three companies to have provided access to their security controls, the others being Microsoft and Solutionary.

There has been a growing call to action for cloud security transparency, and although many companies are engaging with the CSA and STAR and filling out requesting information, they are reluctant to publish their own controls. This severely limits customers’ ability to make informed choices about their cloud security services, and impedes vendor accountability for offering apples-to-apples capability comparisons.

Three key trends that are driving Mimecast’s approach to security, as well as its desire to provide transparency into its security controls, are:

* E-mail security market consolidation: The market has consolidated rapidly, leaving a few key cloud vendors. As a result, many IT departments are migrating their on-premise gateways toward cloud-based security vendors such as Mimecast, as the cloud evolves beyond a trusted source into a business asset.

* Affordability: Economies of scale that cloud solutions offer, enables IT departments to deliver levels of protection, privacy and uptime more affordable than with on-premise solutions. IT departments can now affordably centralise data and services into meaningful, secure and accessible platforms that benefit the business.

* Enhanced IT performance: The cloud also drives enhanced performance from an IT delivery perspective. Such high standards and SLAs offered by cloud vendors are now driven by recognised standards bodies like the CSA. This means that IT departments can stop fire fighting and rely on trusted and reputable cloud sources for data services. Given that most businesses are short of IT resources, the cloud enables them to do more with less.

“At the end of the day, we have a responsibility to our current and future customers to be completely transparent about what we are offering and why,” says Grant Hodgkinson, business director at Mimecast South Africa. “We should be able to point out exactly how we stack up against other offerings, rather than treating our controls as proprietary, and encourage all cloud security vendors to do the same. It is the only way to perpetuate integrity, effectiveness and performance throughout the industry.”

Grant Hodgkinson

Share this article:

Further reading: