The European Cloud Partnership (ECP) has recently published a document outlining a set of ideas on how Europe can help public and private organisations use, buy and sell cloud services in a safe and trusted environment. ‘˜Establishing a Trusted Cloud Europe’ report is a policy vision document developed within the framework of the European Cloud Computing Strategy which aims at establishing a framework to support the definition of common cloud based practices, linking them to use cases and applying them in practice.
The paper consists of two groups of actions in order to reach this objective:
- Firstly, a flexible common framework of best practices needs to be created, at the legal, technical and operational level. This common framework, consisting of legal and operational guidelines as well as technical standards, can be voluntarily adopted by cloud providers to show that their offering is in compliance with the common framework, and can be used by buyers of cloud services (in the public or private sector) in order to determine more easily whether a cloud service complies with the requirements of their use case.
- Secondly, systematic consensus building is required, through public consultations, workshops, coordination groups etc., targeting at stakeholders, including citizens, public administration, the cloud industry and cloud users. This would result in a common understanding on issues such as risk management, security requirements, privacy needs, enforcement methods, procurement practices, and any need for legislative reform, all of which can differ from use case to use case.
Source: Trusted Cloud Europe report