ENISA launches Cloud Computing Security Risk Assessment Document
ENISA (the European Network and Information Security Agency) today launched their 124 page report on Cloud Computing Security Risk Assessment.
At first glance it’s an excellent read and will be a fantastic accompaniment to the the CSA’s guidance. I plan to dig into it more over the weekend. I really appreciate the risk assessment approach which allows folks to prioritize their efforts on understanding the relevant high-level issues associed with Cloud.
Very well done. I look forward to seeing how CSA and ENISA can further work together on upcoming projects! I think the European perspective will help bring some balance and alternative views on Cloud in regards to legal and compliance issues specifically.
You can find the document here.
ENISA, supported by a group of subject matter expert comprising representatives from Industries, Academia and Governmental Organizations, has conducted, in the context of the Emerging and Future Risk Framework project, an risks assessment on cloud computing business model and technologies. The result is an in-depth and independent analysis that outlines some of the information security benefits and key security risks of cloud computing. The report provide also a set of practical recommendations.
Enisa is starting out with some good material. Cloud computing is open to trust and security issues all over the place, so having a methodology for assessing it helps a lot of us
Spirovski Bozidar
http://www.shortnfosec.net