Technology standards organization aims to be a comprehensive resource to help agencies comply with government's "cloud-first" mandate.
(click image for larger view)
Slideshow: Top 20 Government Cloud Service Providers
The federal technology standards organization has released its most comprehensive guide to date for how agencies should implement cloud computing, a move that should clear up myths about the technology and pave the way for more standard cloud implementations among agencies.
The National Institute for Standards and Technology (NIST) has published an 84-page draft of its cloud computing guidelines, NIST Cloud Computing Synopsis and Recommendations, or SP 800-146, and is seeking comment from federal agencies and the public on its recommendations.
There are still many myths about cloud computing, even from technologists who are charged with implementing it. Since government agencies look to NIST for guidance in deploying technologies, the document tackles the cloud from various angles and tries to cover as much ground as possible.
Because cloud computing is not merely one technology but a collection of many in a particular systems environment, NIST provides an overview of different cloud environments--software as a service, platform as a service, and infrastructure as a service--and discusses each in detail.
The document also provides information on how organizations should balance the opportunities and efficiencies that cloud computing presents with its security risks. Other topics include computing performance, reliability, economics, compliance, and data and applications security, as well as the typical costs of cloud computing.
Last December U.S. CIO Vivek Kundra issued a "cloud-first" mandate to agencies requiring they consider the cloud as an option before deciding on new technology deployment.
He also demanded that agencies identify three existing systems that could move to the cloud, which he said recently has been done. Cloud computing is an integral part of the feds' 25-point IT reform plan.
Earlier this year NIST also published a draft for managing security and privacy in the cloud, hastening the document's release at Kundra's request to support the cloud-first policy. The standards body sets security requirements for technology the government uses under the Federal Information Security Management Act (FISMA).
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.