In a useful but long-winded set of documents aimed at furthering adoption of cloud computing, NIST has zeroed in...
on interoperability, security and portability as key areas for improvement.
Kudos to NIST for pushing the industry in the right direction, but did its "roadmap" report really require three volumes and over 200 pages? I feel like I just killed a tree printing it. If you can get through the verbose language, there is some helpful information for anyone buying or selling a cloud service.
Volume I: High Priority Requirements to Further U.S. Government Agency Cloud Computing Adoption provides an overview of the roadmap initiative, including interoperability, portability and security requirements that must be met to further government cloud adoption. It also details standards, guidelines and technology that must be in place to satisfy these requirements as well as a list of action plans to get there. It gets interesting from page 15 onward.
Volume II: Useful Information for Cloud Adopters gets into the nitty-gritty of cloud security for government agencies, but notes that the industry is changing so fast it would be "premature" to offer definitive guidance around cloud security (see page 51). Way to stick your neck out, guys! The second half of the document gets into the risks of using cloud services and outlines possible mitigation steps for consumers. This is helpful stuff.
Volume III: Technical Considerations for USG Cloud Computing Deployment Decisions, which is still being prepared, is intended for decision makers evaluating cloud services. It explains how to apply the technical work in Volume II to the decision framework defined in the Federal Cloud Computing Strategy.
The first two volumes are open to the industry to comment on by December 2, 2011. You can send comments to firstname.lastname@example.org. I might drop Robert a line and see if he needs an editor.
Jo Maitland is the Senior Executive Editor of SearchCloudComputing.com.