Is your IT department considering cloud service solutions? If so, you'll want to check out the NIST Guidelines on Security and Privacy in Public Cloud Computing. This document provides key recommendations that ensure that your cloud planning includes measures for protecting sensitive data from the outset to help you maximize efficiency and minimize costs.
Cloud service providers, generally, are unaware of the specific security and privacy needs of an organization, so it's wise to have these needs explicitly documented before engaging with them. Since privacy and security threats are increased by the Web-based nature of client-side environment, and those threats are compounded by the loss of physical and logical control represented by mobile devices, organizations can't afford to rush into a cloud computing arrangement without first identifying the inherent risks and developing a strategy for handling them.
Use the NIST guidelines to create security and privacy controls for cloud-based applications that equal or surpass those that would be in place if the applications were used in-house.
More from IT Business Edge and the Knowledge Network