This bulletin summarizes the information presented in NIST Special Publication (SP) 800-144, Guidelines on Security and Privacy in Public Cloud Computing. These new guidelines, which were written by Wayne Jansen of Booz Allen Hamilton and Tim Grance of NIST, present an overview of public cloud computing, and discuss the benefits and drawbacks of public cloud services with an emphasis on the security and privacy considerations. The bulletin discusses the contents of the publication, including NIST's definition of cloud computing, the different models for implementing cloud computing, and NIST's recommendations to federal departments and agencies concerning practices that should be used when planning for and implementing cloud computing. References are provided to NIST publications and web pages that provide assistance to organizations on applying a risk-based approach to protecting information and information systems throughout their life cycle.
Citation: ITL Bulletin -
NIST Pub Series: ITL Bulletin
Pub Type: NIST Pubs
cloud computing, computer security, cyber security, information security, information systems, information technology (IT), information technology outsourcing, NIST Special Publications, privacy, risk analysis, risk management, security controls, security management, threats, vulnerabilities