EUCS – Cloud Services Scheme
This publication is a draft version of the EUCS candidate scheme (European Cybersecurity Certification Scheme for Cloud Services), which looks into the certification of the cybersecurity of cloud services. In accordance with Article 48.2 of the…
Cloud Security for Healthcare Services
This study aims to provide Cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring Cloud services for the healthcare industry. The set of…
Critical Cloud Computing-A CIIP perspective on cloud computing services
In this report we look at cloud computing from a Critical Information Infrastructure Protection (CIIP) perspective and we look at a number of scenarios and threats relevant from a CIIP perspective, based on a survey of public sources on uptake of…
Trust Services-Secure move to the cloud of the eIDAS ecosystem
This report includes a detailed analysis on the different technical requirements that must be addressed considering the relevant standards. It also gives an overview of practical experiences on the move of trust services to the cloud, based on the…
Procure Secure: A guide to monitoring of security service levels in cloud contracts
A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud…
Exploring Cloud Incidents
The use of cloud computing technologies is gaining increased popularity and quickly becoming the norm. At the same time, the cloud service providers (CSP) are not always able to keep up the pace with new technologies. This also affects forensic…
Towards secure convergence of Cloud and IoT
The aim of this work is to provide a high-level overview on the security issues to IoT developers and IoT integrators that make use of IoT Cloud Computing and Cloud service Providers (CSPs) of IoT Cloud offerings.
Secure Use of Cloud Computing in the Finance Sector
In creating this report we analysed input from a number of different sources to better understand the usage of cloud services in the finance sector. Based on the analysis we provide recommendations to financial institutions, regulators and cloud…
Cloud Computing Information Assurance Framework
One of the most important recommendations in the ENISA’s Cloud Computing Risk Assessment report is the Information Assurance Framework, a set of assurance criteria designed to assess the risk of adopting cloud services, compare different Cloud…
Security and Resilience in Governmental Clouds
Cloud computing offers a host of potential benefits to public bodies, including scalability, elasticity, high performance, resilience and security together with cost efficiency. Understanding and managing risks related to the adoption and…