U SE OF C LOUD C OMPUTING T ECHNOLOGIES
VII.01; VII.02
Policy Reference(s):
ITS
Responsible Department(s):
September 5, 2017 November 1, 2017
Approval Date: Revision Date(s):
P URPOSE Cloud Computing offers benefits to both private and public agencies that rely heavily on technology for business operations. Those benefits include scalability, elasticity, high performance, reduced administrative challenges, improved cost control, better technological agility, increased technical and business flexibility, faster time to market and increased innovation opportunities. Understanding, managing and controlling the risks around confidentiality, security and resiliency related to the adoption of Cloud Computing solutions is imperative when leveraging cloud technology. This regulation establishes guidelines and requirements pertaining to the use of Cloud Computing at CCAC in order to provide the best outcomes in terms of data security and privacy (DSP), Service Level Agreements (SLA), data ownership and other key components involved in the use of Cloud Computing technologies, and to ensure compliance with law and best practices relative to business operations and data and information security. Rationale for Policy: http://www.oa.pa.gov/Programs/Information%20Technology/cybersecurity/agencies- employees/Pages/default.aspx D EFINITIONS CCAC adopts the National Institute of Standards and Technology (NIST) definition of “Cloud Computing”, which defines the term as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf) As defined by the NIST and this regulation, Cloud Computing refers to and includes the implementation, deployment and use Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), other third party hosted data (i.e., Facebook, Twitter, and social media), and related technologies in order to provide secure, effective technology services and correspondingly appropriate safeguards in support of the Mission of the College.
152|Page
Made with FlippingBook Learn more on our blog