Cloud computing risk assesment by ENISA

Cloud computing is on many agenda's these days.

For many, there is an obvious business case. It means computing on the demand, has instant availability, requires little or no commitment and minimal investments.

In our security practice, we find that the main concern on cloud computing is security: "How can I know if it’s safe to trust the cloud provider with my data or even my entire business infrastructure?”
It is obvious that many people feel the need for an independent, in-depth look at all the security and privacy issues of moving into the cloud, outlining some of the information security benefits of cloud computing, as well as the key security risks.

Therefore, I was very glad to read the ENISA's (the European Network and Information Security Agency) report on security. If it is on your agenda, read it! The PDF can be downloaded here
The report provides a detailed check-list of criteria which anyone can use to identify the security consciousness of their cloud provider.

The key conclusion of this paper, according to ENISA, is:

"... that the cloud’s economies of scale and flexibility are both a friend and a foe from a security point of view. The massive concentrations of resources and data present a more attractive target to attackers, but cloud-based defences can be more robust, scalable and cost-effective."

In my opinion, this report helps you to make a well informed decision on this issue.