Hi All,
NIST/NCCOE just published NIST/NCCOE Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments
Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud workloads based on business requirements in a consistent, repeatable, and automated way. Building on previous NIST work documented in NIST Internal Report (IR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation, the National Cybersecurity Center of Excellence (NCCoE) has developed a trusted cloud solution that demonstrates how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and data flows between workloads.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------