Cloud Computing Security Considerations

illness Geneva, sans-serif; line-height: 16px; border-collapse: collapse; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px;">Cloud computing and other IT outsourcing services allows an agency to "focus on their core business" rather than recruitment and retention of specialist IT staff and purchase and maintenance of software and hardware – but what are the risks from a Government perspective in utilising Cloud Computing services?

Australia's Defence Signals Directorate has published a comprehensive guide to risks Australian Government agencies should take into account when considering the use of cloud computing services and aims to "assist agencies to perform a risk assessment to determine the viability of using cloud computing services."

Although the document states that its checklist of considerations are a "guide for discussion of risk" and not exhaustive, the detail and quality of advice is comprehensive. Developing a risk assessment will assist senior business representatives make an informed decision as to whether cloud computing is currently suitable to meet their business goals with an acceptable level of risk.

The document raises questions that address the following topics:

  • Availability of data and business functionality;
  • Protecting data from unauthorised access; and,
  • Handling security incidents.

Read More