Citation Edit

European Network and Information Security Agency, Procure Secure: ENISA's New Guide for Monitoring Cloud Computing Contracts (Apr. 2, 2012) (full-text).

Overview Edit

Procurement of cloud computing services is an increasingly important task for governments and businesses across the EU — and information security is a key pain-point. To help solve this problem, the EU's cyber security agency, ENISA issued this new, practical guide for IT procurement teams, focusing on continuous security monitoring throughout the life-cycle of a cloud contract.

This publication builds on groundwork done by ENISA in 2009, when the Agency produced an assurance framework and tool for IT teams to assess the security of service providers before making a decision to move to the cloud. ENISA now goes one step further, with a follow-up guide detailing how to monitor the security of cloud services throughout the project life-cycle. The new guide focuses on public procurement.

This guide includes a checklist for procurement teams, as well as an in-depth description of each security parameter; what to measure and how. The security parameters covered are: service availability; incident response; service elasticity and load tolerance; data life cycle management; technical compliance and vulnerability management; change management; data isolation; and log management and forensics.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.