Government it systems require strong auditing and

This preview shows page 53 - 54 out of 76 pages.

Government IT systems require strong auditing and compliance needs. In a lot of cases, these requirements must be in place before a system can be approved for operation. This is another area that requires standardization and is exacerbated as the consumer organizations typically do not own or control the underlying system resources that implement the system capabilities. Standardization in policies, processes, and technical controls in supporting the security auditing requirements, regulations, and law compliance needs to consider the collaboration process between the cloud consumers and providers, their roles and the sharing of the responsibilities in implementing these capabilities. 7.2 Standardization Priorities Based on USG Priorities to Standardization Priorities Based on USG Cloud Computing Adoption Priorities As described in the Federal Cloud Computing Strategy, there are cloud computing business use cases that have higher priorities than others. The requirements expressed in these high-priority target business use cases can be used to prioritize the standardization gaps. For example, various USG groups have identified data center consolidation using virtualization technologies as one of the primary goals in the next few years. Migrating collaboration applications, including email messaging (email, contacts, and calendars) and online office productivity application, to the cloud is also quoted as an early target of government cloud operation. By analyzing the USG cloud computing target business use cases with their specific technical requirements, one can point out the following basic drivers that can be used to prioritize cloud computing standard gaps:
Image of page 53

Subscribe to view the full document.

NIST Cloud Computing Standards Roadmap NIST SP500 291 v1.0 54 The focus on supporting migration of system workload, including data, metadata and processing logic of existing in-house IT systems, to cloud-based systems to ensure continuous operation; this focus is centered on portability standards. The need to have interoperability between existing in-house IT systems and cloud-based systems, as cloud-deployed systems will not be the only part of the overall enterprise system; this need is centered on interoperability standards, including security interoperability standards. The need to help government consumers to choose and buy the most cost-effective solutions. If a cloud solution is not as economical as an in-house traditional IT system, there is no financial incentive to move the system to the cloud. Based on these understandings, the following areas of standardization gaps in cloud computing are of higher priorities for USG cloud consumers: 7.2.1 Security Auditing and Compliance Auditing and compliance data and metadata format standards are needed. Standard interfaces to retrieve and manage these data and metadata assets are also required to be integrated with existing tools and processes. In addition, policy, process and technical control standards are
Image of page 54
You've reached the end of this preview.
  • Spring '14
  • NIST Cloud Computing Standards Roadmap

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern