Blog
NIST’s Cloud Computing Privacy Guidelines a Useful Tool
Blog
March 8, 2012
The National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce, has issued a new Guidelines on Security and Privacy in Public Cloud Computing. In its comments, the NIST acknowledged that cloud computing technologies vary widely, and coexist with many different technologies. This makes the security challenges quite difficult, including those faced by public clouds whose infrastructure and computational resources are owned and operated by an outside party that delivers services to the general public. The guide recommends that cloud providers plan carefully, understand the full environment, satisfy organizational security and privacy requirements and maintain accountability. The document is intended for those working on implementation, but can be a helpful resource for the legal team as well.
TIP: The NIST guide is a useful tool to help understand expectations around data security in the cloud environment. As security in this realm comes under scrutiny, companies would be well served to familiarize themselves with this tool.
This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.