Recent developments (September 2014)
Cloud-Select Industry Group plans next steps
The Cloud-Select Industry Group – a group of industry stakeholders advising the Commission on cloud computing policy actions – has already delivered key results under the European Cloud Computing Strategy and highlighted key aims for next steps for EU policies on cloud computing.
On 19 May 2014 stakeholders within the Cloud-Select Industry Group (C-SIG) met to discuss progress on the implementation of the European Cloud Computing Strategy. The group debated recent deliverables on service level agreements, a code of conduct on data protection, certification and contract terms and conditions for cloud computing services. All these aspects can promote cloud uptake to support growth and jobs in Europe.
The subgroup on Service Level Agreements (SLAs) reported progress on essential cloud computing related elements of SLAs, which have now amongst others led to the publication of SLA standardisation guidelines that were used as input for an October 2014 meeting of the International Standards Organization (ISO) Working group on cloud computing.
The subgroup on the Code of Conduct reported on the work on a Code of conduct on data protection for cloud service providers, as part of which it was stressed that the Code must be flexible, accessible and low-cost to support innovation while protecting users.
The subgroup on Certification presented its ongoing work on two solutions regarding security certification – one directed at Small and Medium Enterprises (SMEs) and one for governmental organisations and other more advanced users. Final results of the work of the group are expected to be delivered by the end of 2014, delivering better security and more trust and transparency for the cloud computing market.
Finally, representatives from the Commission’s Directorate-General for Justice reported on the work of the Expert group on cloud computing contracts. Amongst others, the industry stakeholders were asked for feedback regarding the information users need to receive for making the right choices regarding cloud computing contracts. The group also discussed issues relating to breaches of contract and to changes in agreements with providers.
In conclusion, the group of industry stakeholders underlined its role as part of a wider strategy to support the development and adoption of cloud computing in Europe. The stakeholders indicated their expectation that the European Cloud Partnership’s vision document, Trusted Cloud Europe, will contribute to a common approach to cloud computing in Europe, such as in relation to certification schemes throughout Europe.
Original article from net-cloud magazine (January 2014):
Involving these stakeholders in the design and implementation of the European Cloud Computing Strategy makes obvious sense. The European Commission is making this happen through the Cloud Select Industry Group (C-SIG) and its subgroups, which were set up following the publication of the European Cloud Computing Strategy in September 2012.
The subgroups were tasked with providing key input on cloud computing certification, service level agreements and a code of conduct on data protection for cloud computing services. Representatives from more than 50 different suppliers, cloud computing service users and other stakeholders have been collaborating in these subgroups throughout 2013. Concrete results are already visible. For example, the subgroup on the code of conduct drew up a draft version of a code of conduct on data protection for cloud computing providers, which has already been presented to the “article 29 working party” – an advisory body on data protection involving, among others, representatives of national data protection authorities – for feedback.
Moreover, the subgroup on certification mapped and analysed existing certification schemes for information security relevant to cloud computing, and produced a draft glossary of terms and definitions to be used in service level agreements.
A little over a year since the publication of the European Cloud Computing Strategy, the work of the C-SIG entered a new phase with the October 2013 plenary meeting. Stakeholders collaborating within the subgroups presented and discussed their intermediate results and looked ahead to the future. The European Union Network and Information Security Agency (ENISA) also attended, along with cloud computing service users.
Tangible results from the different C-SIG subgroups are expected in early 2014.
Overview of the EU Cloud Strategy and the C-SIG subgroups
(Article from net-cloud future magazine (2013) - for complete magazine click here)