Agencies responsible for security in public cloud, NIST says

Thursday - 1/26/2012, 7:49am EST

New guidance puts the onus on your agency to secure its presence in the public cloud.

According to a release from the National Institute of Standards and Technology, the key guidelines include:

  • Carefully plan the security and privacy aspects of cloud computing solutions before implementing them.
  • Understand the public cloud computing environment offered by the cloud provider.
  • Ensure that a cloud computing solution—both cloud resources and cloud-based applications—satisfy organizational security and privacy requirements.
  • Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments.

"Public cloud computing and the other deployment models are a viable choice for many applications and services. However, accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill," said publication co-author Tim Grance in the release.

This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.