CERN Self-assessment of Public Clouds

Background

According to the CERN policy, Public Clouds Can only be used for CERN business if they are on the list of compliant public clouds maintained by the CLO.

Before considering an external Cloud providers please check at http://information-technology.web.cern.ch/services?qt-services=2#qt-services that no equivalent in-house service can fulfill your needs.

New public clouds can be proposed for the list by requestors who satisfactorily complete the associated cloud compliancy self-assessment. New use cases can also be added for Public Clouds already in the list.

Public Clouds cannot be used to host CERN legally protected data.

The user must ensure confidential data restrictions are strictly adhered to, by setting up equivalent access controls in the public cloud to prevent individuals outside the original restriction list from having access.

The user must transfer all CERN data either to a CERN successor in the public cloud or bring back onsite and delete from the public cloud when they cease to have a CERN affiliation.

 

Register your public cloud self-assessment