Germany - News on cloud computing
BSI publications address cloud service providers and cloud service users (power user as well as citizens).
Published on November 27, 2014
For cloud service providers, BSI has recently published a security profile “Software-as-a-Service (SaaS)” based on ISO/IEC 27001. The leaflet and the underlying study can be downloaded (in German only) here.
Due to its risk-oriented top-down approach with its focus on a (layered) business process view, the profile is highly flexible. It is complemented by the bottom-up approach of IT-Grundschutz, with its (now) six modules on cloud computing (management, storage, usage, web services, web applications and virtualisation).
The module on management is already available in English. The BSI white paper “Security recommendation for cloud computing providers (Minimum information security requirements)” can be downloaded here.