NIST creates cloud-computing team

The National Institute of Standards and Technology has created a new team to determine the best way to provide security for agencies that want to adopt the emerging technology called cloud computing, said Ron Ross, a senior computer scientist and information security researcher at NIST.

“The team will give our customers a sense of what kinds of risks they may be taking on by moving into that new territory,” Ross said today at the SaaS/Gov 2009 conference produced by the Software and Information Industry Association and market research firm Input.

Cloud computing refers to an arrangement in which an organization pays a service provider to deliver applications, computing power and storage via the Web.

Implementing cloud computing at agencies will be similar to how government organizations adopted and secured wireless technology, Ross said.

“When wireless came along, we didn’t really know a lot about how to protect it, but we developed that understanding as we went forward, and now we do a pretty good job of protecting wireless,” he said.

Security experts at NIST are responsible for figuring out how to make the new technology secure. Each agency will decide whether and to what extent it wants to adopt cloud computing.

NIST plans to demonstrate how current standards and guidelines for evaluating technology can be used for cloud computing, Ross said.

Federal agencies need to determine how to certify and accredit new technology when a service provider is involved, as is the case with cloud computing, and service providers will need to provide evidence to federal customers that they have accomplished the due diligence on security, he said.

Meanwhile, the team hopes to prepare NIST officials to handle agencies’ questions about cloud computing. “When customers ask us, ‘Is it a good way to go?’ or ‘Is it secure enough for us?’ we’re going to try and provide some of that information,” Ross said.

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.