NIST releases draft cloud computing standards
23 May 2011 09:15:50
Recommendations for the provision and use of cloud computing systems were released this month by the National Institute of Standards and Technology, in the hope of providing greater standardization and cloud security for vendors and clients.
Security, NIST said, is likely to prove a continuing concern for cloud computing as a model, though it also pointed out that cloud security could actually improve on existing standards in some ways. However, the centralization of large amounts of sensitive data cannot fail to be a tempting target for hackers, making the strictest security arrangements a necessity.
Operationally, cloud computing is generally better for small independent components of applications than for large integrated programs, NIST said. The government standards organization also said that business functions that would be seriously disrupted by bandwidth bottlenecks or other interruptions would be less useful in the cloud. Companies should fully understand service level agreements with public cloud providers for this purpose.
Private sector experts reached the same conclusion on this last point, as Gartner Research recently offered a set of tips for making sure a cloud services contract was fair to both parties.
-McAfee Cloud Security
