20 May 2011 – The National Institute of Standards and Technology (NIST) has issued a draft guide to cloud computing that includes a number of recommendations to enhance security in the cloud environment. The draft guide, NIST Cloud Computing Synopsis and Recommendations (Special Publication 800-146), provides information for IT decision makers interested in moving into the cloud. Quoting Lee Badger, an IT specialist with the NIST’s Computer Security Division and one of the authors of the publication:
“Information security in the cloud is a real challenge. There are several factors to consider. One is that cloud systems, at least in some of their configurations, are outsourced system. Therefore, for one to have confidence that the system is treating your data with due care, one has to have confidence that the people who are running that system are exercising the care you think is appropriate. The importance of the boundaries that separate cloud users is high in terms of security. You may not know geographically where your data is located. That might reduce confidence.
In the publication, NIST recommends that organizations … Read more