Download: ENISA releases cloud procurement guide

Written by Colin Marrs on 26 February 2015 in News

The European Union Agency for Network and Information Security (ENISA) has released a step-by-step guide for public sector bodies on procuring cloud services.

The new Security Framework for Governmental Clouds serves as a pre-procurement guide and can be used throughout the entire lifecycle of cloud adoption.

It outlines four phases, nine security activities and 14 steps that councils and other public bodies should take when procuring cloud services.

Professor Udo Helmbrecht, ENISA’s executive director said: “The report provides governments with the necessary tools to successfully deploy cloud services. Both citizens and businesses benefit from the EU digital single market accessing services across the EU.

“Cloud computing is a fundamental pillar and enabler for growth and development across the EU”.

The framework focuses on the following activities: risk profiling, architectural model, security and privacy requirements, security controls, implementation, deployment, accreditation, log/monitoring, audit, change management and exit management.

According to ENISA, the UK is one of just four EU countries which are currently at an advanced stage of cloud procurement activity, along with Estonia, Greece and Spain.

Elsewhere, adoption is at a low or early stage, with security and privacy issues acting as the main barriers.

Download the guide (PDF)


Share this page



Please login to post a comment or register for a free account.

Related Articles

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

Whitehall shared-services implementation requires funding and focus, MPs warn
9 May 2023

Public Accounts Committee warns that lack of support could imperil delivery

Capita admits possible compromise of customer data during cyberattack
20 April 2023

Attackers had unauthorised access for nine days, outsourcing firm announces

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...