Current Filter: Cloud>>>>>News>

   

However, recent reports that European ministers are looking into common rules for data protection mean cloud service providers (CSPs) are likely to be examined closely to determine how they handle the transfer of data through Europe and the rest of the world. If poor processes are found to be in place, then the potential for restrictive regulation could slow adoption and innovation. CSPs across the market should take steps to make services transparent and to have relevant accreditations in place, advises UK-based Outsourcery.

Barry Holder, Information Security and Compliance Manager at Outsourcery explains: "IDC has recently predicted that the cloud computing market will increase by 23 per cent by 2018, and while we agree that there is likely to be an increase in the adoption of cloud services, CSPs must be in a position to show exactly how and where the data of their clients is handled and stored if they are to capture part of this growing market. This should already be a priority, but with the EU beginning to examine processes involving the transfer of data and the UK Government looking to pass the Data Retention and Investigatory Powers Bill it may be something that CSPs, and consequently end-users, could be impacted by if new legislation or regulations are announced."

Holder continues: "In light of this, it is more important now than ever before for CSPs to make sure their services are transparent and to make sure they are certified against the relevant industry accreditations. The Cloud Industry Forum's Code of Practice is one example of a certification that enables CSPs to demonstrate that they meet specified standards around transparency, accountability and capability, whilst also giving CSPs benchmark best practices for how they should be handling information.

The ISO 27001 standard is also an excellent foundation for CSPs looking to understand the data they hold and implement the relevant Information Security controls.