Cloud Computing Policy
In recent years, Cloud Computing has emerged as an important solution for cost effective and reliable delivery of IT services. Cloud Computing includes several categories of services. The three common cloud service models are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
To help California agencies/departments understand and evaluate Cloud Computing services as a viable solution for business needs, the following can be a reference point:
: A Model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Some common examples of using cloud services:
- Web-based email
- Social media
- Document hosting/collaboration web services
- Data backup services
Cloud Computing includes several categories of services. The three common cloud service models are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
SaaS - PaaS - IaaS -
For California's Cloud First policy, refer to the published CA Department of Technology (CDT) policy, .
The "Cloud First" policy directs State departments to shift toward cloud computing solutions for all new reportable and non-reportable IT projects in accordance with SAM 4983 and 4983.1. Departments shall build and evaluate for cloud solutions to meet their business needs, whenever feasible. Any project that utilizes cloud SaaS, PaaS, or IaaS solutions is an IT project and all relevant statewide IT policies contained in SAM apply to that project.
- : , , (Data security, management)
- : (Data security program management)
- Information/Data security and privacy control framework: ,
- Information security provisions/standards: , , and ,
- Encryption provisions/standards:
Department of General Services
West Sacramento, CA 95605