January 26, 2012
The public cloud has become a practical solution for several enterprise IT tasks, as many businesses have already transferred infrastructure and applications to third-party cloud providers, while experts predict cloud adoption will expand even further this year.
The National Institute of Standards and Technology (NIST) recently finalized its first inaugural set of guidelines for managing security and privacy in the cloud. The procedures specifically deal with issues regarding security and privacy in the public cloud, which the NIST said is a strong choice for many enterprise applications and services.
"Public cloud computing and the other deployment models are a viable choice for many applications and services," said Tim Grance, co-author of the NIST's guidelines. "However, accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill."
When Grance released a draft of the publication last February, he said security issues in the public cloud are not unlike any other IT function, as it's essential for companies to devise an extensive strategy and execute the necessary preventative measures.
The NIST guidelines, which are catered toward IT managers and executives, walk businesses through the planning stages of outsourcing IT functions to a public cloud provider, including aspects of internal data security and privacy. Additionally, the report said companies should ensure all cloud resources and applications fit their internal security policies.
According to a recent Synergy Research Group study, the public cloud accounted for 56 percent of all cloud equipment spending during the first half of last year, and it's expected to gain a larger portion of the total cloud market as companies become more comfortable working with third-party providers. The report said private clouds are currently expanding faster than other platforms.
-McAfee Cloud Security