To mitigate such risks, NIST SP 800-144 provides a list of issues that need to be considered or put into action, such as handling regulatory compliance, identity management, availability, and incident response.
NIST's guidance adds to existing work done by the Cloud Security Alliance and the European Network and Information Security Agency and it's Cloud Computing Risk Assessment.
NIST is requesting public comments on both documents through the end of February. Comments for SP 800 145 can be sent to firstname.lastname@example.org, while comments for SP 800 144 can be sent to email@example.com.
Sign up for Computerworld eNewsletters.