Select Page

Cloud computing is gaining its popularity in an accelerated mode and many businesses and government entities are adopting cloud computing for supporting their business needs. NIST has recently released a a special publication on .Guidelines on Security and Privacy in Public Cloud Computing..

The SP 800-144 document covers the security requirements to be met by federal agencies opting for cloud computing. The key guidelines are based on the following:

  • Carefully plan the security and privacy aspects of cloud computing solutions before engaging them.
  • Understand the public cloud computing environment offered by the cloud provider.
  • Ensure that  a cloud computing solution satisfies  organizational security and privacy requirements. 
  • Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing.
  • Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments.

There are 7 chapters, chapters from 2 to 6 are the key sections. These chapters cover topics such as:

  • Basics of cloud computing
  • Various models of public cloud computing
  • The benefits and drawbacks of public cloud computing from a security and privacy perspective
  • Key threats to the security and privacy of information in public cloud computing
  • Potential risk mitigation option in the cloud computing
  • Outsourcing data to public cloud computing

The publication also provides a detailed list of Federal Information Processing Standards and NIST special publications that provide materials particularly relevant to cloud computing and are recommended to be used in conjunction with SP 800-144.

The document can be downloaded from here (PDF).