UK and EU cloud directives
Two recent governmental directives are important for cloud services providers to be aware of and understand.
The first is from the Information Commissioners Office (ICO) which has published new guidelines on the use of cloud computing and the Data Protection Act 1998. The document makes clear that it remains the responsibility of the business which own the data to keep it secure, preferably through encrypting data before storing it in the cloud, as well as a written contract between the business and the cloud service provider which entails the expectations of security.
The ICO recently fined the Scottish Borders Council £250,000 for failing to manage the company who digitised personal data, showing the potential consequences for businesses who fail to protect customers data.
The second is from the EU, who published their Cloud Computing Strategy which aims to be ‘not only cloud friendly, but cloud active’ in order to benefit consumers, but also attempt to create 2.5 million new European jobs and add an extra 1% in EU GDP (around €160 billion) by 2020.
This also focuses EU public IT spending on cloud, which benefits cloud services providers by making the market more competitive across national borders. The EU also plans to develop standard contract models for service level agreements (SLA). You can read more about the EU plans, with links to other useful reading here.