How Multi-Layer Cloud Security Leaves Hackers In The Cold

Grazed from AOL Government. Author: Vic Berger.

With the government’s Shared First initiative, the emergence of the Federal Risk and Authorization Management Program (FedRAMP) and ongoing budget pressures, migrating to the cloud has moved from an ideal to reality for many government agencies. However, along with the efficiencies and cost savings associated with cloud computing comes a number of information security risks that must be overcome.

Cyber security guidelines are continually evolving for the cloud computing environments that agencies are currently, or will soon be, operating. While the National Institute of Standards and Technology (NIST), issued its first draft Guidelines on Security and Privacy in Public Cloud Computing nearly a year ago, a widely accepted IT service management framework like Information Technology Infrastructure Library (ITIL v3), for instance, has yet to be updated for managing a cloud computing infrastructure. Simply put, a standard, industry-wide set of best practices for securing the cloud is still taking shape…

When the dust settles, a multi-level cloud security model that integrates traditional access control systems with concepts such as location-based access control, data at rest encryption, data leakage prevention and data ownership ultimately should be in place to best protect government agencies’ sensitive data…

Read more from the source @ http://gov.aol.com/2012/12/06/how-multi-layer-cloud-security-leaves-hackers-in-the-cold/