NIST Releases Federal Cloud Guidelines - InformationWeek
IoT
IoT
Cloud
News
5/13/2011
10:32 AM
50%
50%
RELATED EVENTS
Moving UEBA Beyond the Ground Floor
Sep 20, 2017
This webinar will provide the details you need about UEBA so you can make the decisions on how bes ...Read More>>

NIST Releases Federal Cloud Guidelines

Technology standards organization aims to be a comprehensive resource to help agencies comply with government's "cloud-first" mandate.

Top 20 Government Cloud Service Providers
(click image for larger view)
Slideshow: Top 20 Government Cloud Service Providers
The federal technology standards organization has released its most comprehensive guide to date for how agencies should implement cloud computing, a move that should clear up myths about the technology and pave the way for more standard cloud implementations among agencies.

The National Institute for Standards and Technology (NIST) has published an 84-page draft of its cloud computing guidelines, NIST Cloud Computing Synopsis and Recommendations, or SP 800-146, and is seeking comment from federal agencies and the public on its recommendations.

There are still many myths about cloud computing, even from technologists who are charged with implementing it. Since government agencies look to NIST for guidance in deploying technologies, the document tackles the cloud from various angles and tries to cover as much ground as possible.

Because cloud computing is not merely one technology but a collection of many in a particular systems environment, NIST provides an overview of different cloud environments--software as a service, platform as a service, and infrastructure as a service--and discusses each in detail.

The document also provides information on how organizations should balance the opportunities and efficiencies that cloud computing presents with its security risks. Other topics include computing performance, reliability, economics, compliance, and data and applications security, as well as the typical costs of cloud computing.

Last December U.S. CIO Vivek Kundra issued a "cloud-first" mandate to agencies requiring they consider the cloud as an option before deciding on new technology deployment.

He also demanded that agencies identify three existing systems that could move to the cloud, which he said recently has been done. Cloud computing is an integral part of the feds' 25-point IT reform plan.

Earlier this year NIST also published a draft for managing security and privacy in the cloud, hastening the document's release at Kundra's request to support the cloud-first policy. The standards body sets security requirements for technology the government uses under the Federal Information Security Management Act (FISMA).

NIST is accepting comments on the document via e-mail at 8800-146comments@nist.gov until June 13.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll