11.1 C
New York

NIST guide for managing cloud security and privacy

Published:

Cloud computing is gaining its popularity in an accelerated mode and many businesses and government entities are adopting cloud computing for supporting their business needs. NIST has recently released a a special publication on .Guidelines on Security and Privacy in Public Cloud Computing..

The SP 800-144 document covers the security requirements to be met by federal agencies opting for cloud computing. The key guidelines are based on the following:

  • Carefully plan the security and privacy aspects of cloud computing solutions before engaging them.
  • Understand the public cloud computing environment offered by the cloud provider.
  • Ensure that  a cloud computing solution satisfies  organizational security and privacy requirements. 
  • Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing.
  • Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments.

There are 7 chapters, chapters from 2 to 6 are the key sections. These chapters cover topics such as:

  • Basics of cloud computing
  • Various models of public cloud computing
  • The benefits and drawbacks of public cloud computing from a security and privacy perspective
  • Key threats to the security and privacy of information in public cloud computing
  • Potential risk mitigation option in the cloud computing
  • Outsourcing data to public cloud computing

The publication also provides a detailed list of Federal Information Processing Standards and NIST special publications that provide materials particularly relevant to cloud computing and are recommended to be used in conjunction with SP 800-144.

The document can be downloaded from here (PDF).

Related articles

Recent articles

spot_img