In cloud environments, workloads are constantly being spun up, scaled out, moved around, and shut down. Organizations often find adopting cloud technologies is not a good business proposition because they encounter security and privacy issues, such as the inability to maintain consistent protections across platforms, dictate how different information is protected, and have visibility into how information is protected to ensure compliance with requirements. Many organizations face additional challenges because security and privacy laws vary around the world, and the dynamic nature of cloud means that workloads may silently move from one jurisdiction to another. The NCCoE has developed two trusted cloud projects and supported resources that are dedicated to helping solve these challenges.
If you have questions or suggestions, please email the project team at firstname.lastname@example.org.
Exploring methods to better secure cloud workloads in hybrid cloud IaaS environments. Learn more about this project.
Exploring methods to better secure cloud workloads in private cloud IaaS environments. Coming soon.
Hardware Enabled Security for the Server Platform - A Layered Approach to Platform Security by Leveraging Hardware Security Mechanisms for Cloud and Edge Computing Use Cases
A NIST Cybersecurity White Paper