The European Network and Information Security Agency (ENISA) has published its report ‘Security and Resilience in Governmental Clouds’ to aid public administrations in understanding and managing the operational, legal, and security requirements surrounding cloud computing.
The stated main objectives of the 146 page report are ‘to highlight the pros and cons, with regard to information security and resilience, of community, private and public cloud computing delivery models; [and] to guide public bodies in the definition of their requirements for information security and resilience when evaluating cloud computing service delivery models.’ Whilst the report is based on analysis of three major groups – healthcare, local government administration, and publicly-owned cloud infrastructure as a business incubator, the issues raised are of relevance to IT management in institutions currently looking to migrate computer systems/services to the cloud. The press release (17/01/2011) and a link to the report is available from the ENISA website at http://www.enisa.europa.eu/