The IT Law Wiki
The IT Law Wiki

Overview[]

The European Union Agency for Network and Information Security (ENISA) is headquartered in Crete, Greece. Established in 2004 as the "European Network and Information Security Agency," the prime purpose of ENISA is to enhance the capability of the European Community, the Member States and, as consequence, the business community to prevent, address and respond to network and information security problems.

In 2008 ENISA's original mandate was extended until March 2012. At the same time, the European Council and the European Parliament called for "further discussion on the future of ENISA and on the general direction of the European efforts towards an increased network and information security."

In November 2009, the agency issued Cloud Computing: Benefits, Risks, and Recommendations for Information Security,[1] which provides a set of information requirements and includes questions that a customer can ask a cloud computing service provider in order to evaluate the service provider's information security practices. The requirements address:

In addition, the agency's Cloud Computing Information Assurance Framework[2] states the need for a clear definition and understanding of security-relevant roles and responsibilities between the customer and the provider.

References[]

  1. European Network and Information Security Agency, Cloud Computing: Benefits, Risks, and Recommendations for Information Security (Nov. 2009) (full-text).
  2. European Network and Information Security Agency, Cloud Computing Information Assurance Framework (Nov. 2009) (full-text).

Source[]

See also[]