609 KB | 3 files | DOC, PDF
Cloud computing has made access to computing resources a lot easier, but with that convenience has come a whole new universe of threats and vulnerabilities. These guidelines will help you evaluate and secure your cloud presence.
Cloud computing has been defined by NIST as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or cloud provider interaction. Cloud computing technologies can be implemented in a wide variety of architectures, under different service and deployment models, and can coexist with other technologies and software design approaches. The security challenges cloud computing presents, however, are formidable, especially for public clouds whose infrastructure and computational resources are owned by an outside party that sells those services to the general public.
The emergence of cloud computing promises to have far-reaching effects on the systems and networks of federal agencies and other organizations. Many of the features that make cloud computing attractive, however, can also be at odds with traditional security models and controls. The primary purpose of this report is to provide an overview of public cloud computing and the security and privacy considerations involved. More specifically, this document describes the threats, technology risks and safeguards surrounding public cloud environments and their treatment.
The attached Zip file includes:
This table outlines the top needs of each stakeholder group that can help guide your conversations on priorities and needs for the GRC program. ... More >>
This publication provides guidelines for establishing and participating in cyber threat information sharing relationships. ... More >>
This document provides recommendations and guidelines for enhancing trust in email, including transmission and content security recommendations. ... More >>