A: Nothing in government IT happens without documentation that allows it to happen and defines how it should happen. Depending on what kind of government you work with, some of that documentation may come from the U.S. government's NIST. These are the people responsible for keeping the official inch and the official pound. They're also responsible for keeping, for example, the official desktop configuration standard for Windows 7.

The government recognizes that cloud computing is an emerging technology, but directives and guidance are required before its agencies can begin using cloud computing technologies. That guidance begins with SP 800-144, "Guidelines on Security and Privacy in Public Cloud Computing."

Private sector IT isn't required to follow the government's lead or advice in these matters, but publications like SP 800-144 often assist in defining policies that help the rest of us out. For example, Chapter 5 of SP 800-144 includes guidance on addressing security and privacy issues when outsourcing to cloud providers that you might find helpful.

Grab your copy of SP 800-144 from the NIST website. You might find it useful in keeping your data safe as you move it into the cloud.