Cloud Computing Security Considerations
Download Cloud Computing Security Considerations (635K PDF) (45K TXT)
Cloud computing offers potential benefits including cost savings and improved business outcomes for Australian government agencies. However, there are a variety of information security risks that need to be carefully considered.
This discussion paper assists agencies to perform a risk assessment and make an informed decision as to whether cloud computing is currently suitable to meet their business goals with an acceptable level of risk.
The document addresses the following topics:
- availability of data and business functionality
- protecting data from unauthorised access
- handling security incidents.
Contents
- Introduction (paragraphs 1–4)
- Overview of Cloud Computing (paragraphs 5–9)
- Overview of Business Drivers to Adopt Cloud Computing (paragraphs 10–13)
- Risk Management (paragraphs 14–16)
- Overview of Cloud Computing Security Considerations (paragraph 17)
- Detailed Cloud Computing Security Considerations (paragraph 18)
- Maintaining Availability and Business Functionality (paragraphs 19a–19m)
- Protecting Data from Unauthorised Access by a Third Party (paragraphs 20a–20s)
- Protecting Data from Unauthorised Access by the Vendor’s Customers (paragraphs 21a–21d)
- Protecting Data from Unauthorised Access by Rogue Vendor Employees (paragraphs 22a–22f)
- Handling Security Incidents (paragraphs 23a–23h)
- Additional Information