The report focuses on the benefits and the risks that arise from a security point of view from cloud computing. The key conclusion of the report is that the cloud’s economies of scale and flexibility are both a friend and a foe from a security point of view. The massive concentrations of resources and data present a more attractive target to attackers, but cloud-based defences can be more robust, scalable and costeffective. The report allows an informed assessment of the security risks and benefits of using cloud computing – providing security guidance for potential and existing users of cloud computing.
The security assessment is based on three use-case scenarios: 1) SME migration to cloud computing services, 2) the impact of cloud computing on service resilience, 3) cloud computing in e-Government (e.g., eHealth). These scenarios are used to explain what cloud computing means for network and information security, data protection and privacy, covering technical, policy and legal implications. The report concludes with concrete recommendations on how to address the risks and maximise the benefits of cloud computing.