Press Release

ENISA’s security guide and online tool for SMEs when going Cloud

Published on April 10, 2015

German French Spanish Greek

ENISA publishes a security guide and an online tool for Cloud security for SMEs to help them assess the risks and opportunities when deploying Cloud services.

The security guide on SMEs

The guide highlights the most important eleven (11) security risks and eleven (11) security opportunities for SMEs to take into account when procuring a cloud service. A selection of twelve (12) targeted security questions linked to the security risks and opportunities are presented as a ‘procurement cheat sheet’ to provide  SMEs with a clear view of the cloud service they procure. These features are enhanced by two exemplary cases of the use of cloud services by SMEs: as a customer and as a vendor offering services. The report indicates the challenges and opportunities in each case, and the security questions the SMEs should address to the provider in order to have a clear understanding of the current security state.

The SME security tool

The SME security tool is an implementation support for the security guide: using the tool, SMEs can rate the risks and opportunities according to their requirements and generate a customised list of security questions which can be used during procurement to collect information on the security measures adopted. The tool helps calculate and visualize risks and opportunities. The results of the tool are personalized to each SME according to its characteristics and the options selected in the tool. This tool is powered by ENISA to support the SMEs taking an informative decision in procuring cloud services.

The Executive Director of ENISA, Udo Helmbrecht commented on the report: “Cloud computing has now become the backbone of the EU’s digital economy. With this tool ENISA aims to help SMEs benefit, as customers, from the adoption of cloud services in a cost-effective way while at the same time make use of increased security features, minimising exposure to threats.”

The Security Guide for SMEs has been created in close collaboration with the ENISA Cloud Security and Resilience expert group and follows the ENISA Cloud Computing Risk Assessment for SMEs and the ENISA Assurance Framework. The risks and opportunities have been extensively cross checked and reviewed by subject matter experts.

For full report Cloud Security Guide for SMEs

For the SME security tool here  


For interviews please contact [email protected] , Tel: +30 2814 409576


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies