cloud security cloudtimes ENISA Publishes Security Framework for Public Cloud Adoption in EuropeThe evolution of global standardization bodies and government policy is paving the way for businesses and government agencies benefit from the use of the cloud. Each region of the world adopts different approaches to policy development, formulation of guidelines and best practices for using cloud safely within the limits of their respective laws and slightly cultures practice.

European Union Agency for Network and Information Security (ENISA) in a latest report “The Security Framework for Governmental Clouds” shows government organization progress to help accelerate cloud adoption. The guide is a positive to provide companies the information they need to use cloud services with confidence step.

The report claims that “very few EU member states have currently developed approaches for cloud computing based on a well-defined and thorough cloud security strategy (including risk profiles, classification of assets, security objectives and measures).”

The report explains the different implications relating to the technical, strategic and privacy by providing relevant information on how to contain and overcome the problems arising from the introduction of the instrument.

ENISA report further states that “the main security challenges, requirements and barriers in the ‘cloudification’ of governmental services are related to: data protection and compliance, interoperability and data portability, identity and access management, auditing, adaptability and availability, as well as risk management and detailed security SLA [service-level agreement] formalization.”

It is recommended to use the toolbox to the public authorities, if the use of the cloud and the assessment of security controls and procedures used are planned. The proposed framework is divided into four phases, nine security activities and 14 structured steps that describe a set of measures which Member States should follow in order to define and implement a secure government cloud.

There are 16,000+ services within the framework, which would take about 1,000 days’ effort to carry out assurance verification. Services can be updated anytime during the framework, so the amount of effort for assurance verification is vast, states the report.

Moreover, the model is tested previously, through the analysis of four case studies of government Clouds – which also serve as a model for the implementation of government Clouds in Estonia, Greece, Spain and the UK. The real-life validation of the security framework also serves the purpose of defining examples of how some EU member states are implementing security into their Gov Cloud approaches. The framework focuses on the following activities: risk profiles, architectural models, security and privacy requirements, security controls, implementation, deployment, accreditation, log/monitoring, audit, change management and exit management.

The report is part of the contribution of authority to the EU’s cloud strategy, which is aimed at national experts, government agencies and the public administration in the EU to define a national cloud security strategy, with an analysis of security aspects on the use of existing Clouds government seeks to provide or assist in completing their procurement requirements for safety. EU politicians, EU private sector cloud service provider (CSP) and cloud broker may also benefit from the content.

The non-profit organization is working since last year with the select industry group on Cloud Certification Schemes and the European Commission and has developed two tools to assist customers in cloud security. This work is part of the European Cloud Strategy as part of the Digital Agenda of the EU.

Hottest IT Skills in 2013 – Cloud, Mobile and BI
In 2012, more than 1.7 million jobs in the field of cloud computing remained unoccupied, according to analysts firm IDC. READ MORE
How Cloud Computing Influences Digital Marketing
Cloud marketing has the ability to drastically change the ways in which they reach and engage their audience, particularly with regard to distributing and storing mission-critical data. READ MORE
Gartner: BYOD to Take Center Stage For Mobile App Use by 2017
More and more companies encourage their employees to work on their devices, thus reducing the cost of computer equipment, but also increase the cost to maintain licenses and safety. READ MORE
Maturity in the Cloud: Start Thinking Like a Grown-Up
Despite the inclination to wait until all of the cloud’s kinks have been worked out, holding off on cloud initiatives until the industry matures won’t guarantee success. READ MORE
PwC: Cloud, SaaS and Mobile Are Changing Software Industry
The software industry is undergoing major changes by trends such as cloud, SaaS, mobile technology and the “consumerization of IT”. READ MORE
10 Cloud Computing Game Changers
Here are the ten most influential cloud computing companies, and the reason why. READ MORE