Action Plan for Cloud Computing
Governments around the globe need to take action to ensure that Cloud Computing's potential is realised. That's the conclusion of the latest phase of the World Economic Forum's (WEF) research study Exploring the Future of Cloud Computing, which has spawned an 8 point action plan based on the findings of a series of workshops around the world.
The research study was mandated by the IT Governors at the World Economic Forum Annual Meeting 2009 in Davos, Switzerland. Two objectives for the research were defined:
Data Governance
The report notes a lack of clarity around which legal jurisdiction data in the Cloud falls – especially if, as many Cloud architectures require, the data is split up and stored in multiple locations. Data often falls under more than one legal jurisdiction, and it is unclear how inconsistencies among those jurisdictions would be resolved. Users surveyed were worried about the potential for foreign governments to demand access to their data while governments in turned were worried about losing the legal ability to “oversee” data in the Cloud and apply their laws to the cloud. These twin concerns risk the imposition of data location constraints, such as requiring data to be located only within national borders which some fear will lead to protectionist behaviours.
Security
The old bug bear of security worries remains relevan with users particularly concerned that Cloud-held data is more susceptible to cyber-attacks, while governments are concerned that current technical security mechanisms such as encryption could give users a false sense of security. Government representatives also expressed concern about the resilience of Cloud providers to distributed denial-of-service (DDoS) attacks. The report also nots that data deletion is more challenging in the Cloud, because Cloud providers are the only ones with access to the physical infrastructure on which users’ data is stored, and often data may be mirrored on multiple machines.
The Business Environment
When considering the wider business environment some division emerges between governments and Cloud providers. Governments are keen to ensure interoperability as a way of driving competition and increasing the resilience of the Cloud system as a whole, especially where the market consists of only a few providers, but this seems to be at odds with a reluctance by Cloud vendors to focus on standardisation.
The research study was mandated by the IT Governors at the World Economic Forum Annual Meeting 2009 in Davos, Switzerland. Two objectives for the research were defined:
- Develop an understanding of what is needed to steer the healthy development of both public and private cloud computing environments.
- Develop a set of industry and public policy action areas that could help mitigate the uncertainties and accelerate the benefits of Cloud Computing.
Data Governance
The report notes a lack of clarity around which legal jurisdiction data in the Cloud falls – especially if, as many Cloud architectures require, the data is split up and stored in multiple locations. Data often falls under more than one legal jurisdiction, and it is unclear how inconsistencies among those jurisdictions would be resolved. Users surveyed were worried about the potential for foreign governments to demand access to their data while governments in turned were worried about losing the legal ability to “oversee” data in the Cloud and apply their laws to the cloud. These twin concerns risk the imposition of data location constraints, such as requiring data to be located only within national borders which some fear will lead to protectionist behaviours.
Security
The old bug bear of security worries remains relevan with users particularly concerned that Cloud-held data is more susceptible to cyber-attacks, while governments are concerned that current technical security mechanisms such as encryption could give users a false sense of security. Government representatives also expressed concern about the resilience of Cloud providers to distributed denial-of-service (DDoS) attacks. The report also nots that data deletion is more challenging in the Cloud, because Cloud providers are the only ones with access to the physical infrastructure on which users’ data is stored, and often data may be mirrored on multiple machines.
The Business Environment
When considering the wider business environment some division emerges between governments and Cloud providers. Governments are keen to ensure interoperability as a way of driving competition and increasing the resilience of the Cloud system as a whole, especially where the market consists of only a few providers, but this seems to be at odds with a reluctance by Cloud vendors to focus on standardisation.
cloud computing security cloud computing
No comments:
Post a Comment