Accession Number:

AD1107883

Title:

Federal Cloud Security

Descriptive Note:

Technical Report

Corporate Author:

MITRE CORP MCLEAN VA MCLEAN

Personal Author(s):

Report Date:

2015-12-28

Pagination or Media Count:

44.0

Abstract:

When Federal government departments and agencies choose to adopt cloud computing, security is a major consideration in the planning, migrating, and operations and maintenance of critical IT systems. Agencies must consider the goals, planned cloud ecosystem, mission and business functions, processes, sensitivity of data, and processing capabilities. Agencies must fully understand the roles and responsibilities of themselves, FedRAMP, and Cloud Service Providers CSPs. As consumers of cloud services, agencies must also fully understand the impacts of the three Service Models Infrastructure as a Service IaaS, Platform as a Service PaaS and Software as a Service SaaS with regard to security, as each Service Model brings different security requirements and responsibilities. As agencies transition their applications and data to cloud computing solutions, it is critically important that the level of security provided in the cloud environment be equal to or better than the security provided by its traditional IT environment.

Subject Categories:

  • Computer Systems Management and Standards
  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE