NIST creates cloud-computing team

The National Institute of Standards and Technology has created a new team to determine the best way to provide security for agencies that want to adopt the emerging technology called cloud computing, said Ron Ross, a senior computer scientist and information security researcher at NIST.

“The team will give our customers a sense of what kinds of risks they may be taking on by moving into that new territory,” Ross said today at the SaaS/Gov 2009 conference produced by the Software and Information Industry Association and market research firm Input.

Cloud computing refers to an arrangement in which an organization pays a service provider to deliver applications, computing power and storage via the Web.

Implementing cloud computing at agencies will be similar to how government organizations adopted and secured wireless technology, Ross said.

“When wireless came along, we didn’t really know a lot about how to protect it, but we developed that understanding as we went forward, and now we do a pretty good job of protecting wireless,” he said.

Security experts at NIST are responsible for figuring out how to make the new technology secure. Each agency will decide whether and to what extent it wants to adopt cloud computing.

NIST plans to demonstrate how current standards and guidelines for evaluating technology can be used for cloud computing, Ross said.

Federal agencies need to determine how to certify and accredit new technology when a service provider is involved, as is the case with cloud computing, and service providers will need to provide evidence to federal customers that they have accomplished the due diligence on security, he said.

Meanwhile, the team hopes to prepare NIST officials to handle agencies’ questions about cloud computing. “When customers ask us, ‘Is it a good way to go?’ or ‘Is it secure enough for us?’ we’re going to try and provide some of that information,” Ross said.

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.