Security Slideshow: NIST Cloud Security Guidelines

By Don Reisinger  |  Posted 02-16-2011
Print this article   Print this article
The National Institute of Standards and Technology unveiled a set of guidelines for managing security and privacy issues in cloud computing. While this effort is aimed at organizations operating in the public sector, NIST's guidelines offered up valuable tips for any enterprise CIO considering the use of public cloud computing services. The NIST's Guidelines on Security and Privacy in Public Cloud Computing (SP 800-144) provides an overview of the security and privacy challenges for public cloud computing and presents recommendations that organizations should consider when outsourcing data, applications and infrastructure to a public cloud environment. The agency also has set up a new NIST Cloud Computing Collaboration Web site to enable two-way communication among the cloud community and NIST cloud research working groups. NIST also recently posted A NIST Definition of Cloud Computing (NIST Special Publication (SP) 800-145). NIST scientists are seeking feedback on both documents. Comments regarding the guidelines should be emailed to 800-144comments@nist.gov ; comments on the definition document should be E-mailed to 800-145comments@nist.gov. Feedback on both documents must be received no later than Feb. 28, 2011. Here are 10 highlights from the NIST cloud computing guidelines:

NIST Cloud Security Guidelines

Everything's NegotiableNon-negotiable service agreements -- in which the terms of service are prescribed completely by the cloud provider -- are generally the norm in public cloud computing. NIST recommends negotiated service agreements that address your organization's specific concerns about security and privacy details.
NIST Cloud Security Guidelines
 
 
 
 
 

Submit a Comment

Loading Comments...