/, Cloud Security, IaaS, Uncategorized/Setting the Cloud Standard

Setting the Cloud Standard

Following on from our article last week about the Cloud Industry Forum (CIF) and user adoption; also on the CIF agenda was the need for standardising the cloud industry to address some of the concerns raised by cloud adopters.

Cloud securityWhilst cloud security is still a concern, according to their survey, it is no longer stalling the buying process. In fact the main cause for concern among EU companies was sovereignty, as organisations want data stored locally. Of those end users not moving to the cloud 75% said their reason was to keep data in-house.

As new user adoption is set to grow by 25% over the next 12 months, so there has been a renewed effort to set some industry standards among the Cloud Service Providers (CSP). CIF are promoting their Code of Practice, which at present is an esteemed but voluntary certification that promotes CSPs to ensure there is transparency, accountability and capability within their offerings.

The recent survey by CIF showed that governance and hybrid management will take centre stage (i.e. data protection) as organisations will look to adopt best practice. It was reported that 78% of organisations would want to buy from a Certified Code Of Practice supplier, making implementation and management service skills critical to their decision making.

The CIFs message was clear for end users. Before signing up with any CSP, you need to think about the following:

  • Where will my data be stored/consolidated?
  • Who will have access to my data?
  • Usage and consumption needs?
  • Requirements to integrate with other applications?
  • How transparent is the CSP?
  • Where does accountability lay?

The CIF Code of Practice Certificate will provide a short-cut for cloud adopters to identify which CSPs have been assessed to ensure they have a transparent offering, they can provide value and a good level of professional and service quality.

Martin Banks, guest author for CIF had this to say “Technical standards are of decreasing relevance, except infrastructure, because whatever the users want to do, there are technical ways to do it. Many, many companies can come up with a technical solution or design an App, so standardisation at the IaaS/PaaS level is important, as this is the area that underpins the structure”.

CIF predicted that an increasing number of cloud adopters will require some form of standard certification from their CSP, which is likely to drive the need for voluntary certification into a regulatory requirement.