April 19, 2012
As recent reports have demonstrated, a number of governments around the world have begun to embrace cloud computing. G-Cloud, a new initiative from the United Kingdom, is perhaps the most notable example, but far from the only one.
However, despite this and other widely publicized projects, and the fact that successful implementation would quite possibly yield the same types of advantages enjoyed by federal governments, local governments have been slower to adopt cloud services.
Now, The Guardian reports that a relatively obscure local Italian public authority, the Asolo Ulss, has released a set of guidelines that may provide local governments, as well as small to medium sized businesses (SMBs), with the safeguards they need to make the transition.
The product of the Cloud Computing for Digital Healthcare Conference held in October 2011, the Castelfranco Charter is a list of recommended best practices aimed at reducing potential risks for healthcare authorities as they introduce cloud computing solutions into their organizations. As The Guardian maintains, however, the recommendations can also apply to private organizations, as well as local authorities.
Generally speaking, the Castelfranco Charter advises organizations to take a number of small steps as they make their way toward complete cloud adoption. The first, for example, is to initially operate on a redundant broadband network, and the next is to ensure private cloud usability before moving on to the public cloud.
Later recommendations include thoroughly vetting cloud providers prior to employing their services and creating a risk manager position to oversee data management and security on the cloud.
The Guardian believes that by following the Castelfranco Charter, local authorities can safely move operations into the cloud. However, it is unlikely to sway everyone. While few argue against the cloud's utility, many harbor serious security concerns. As a Ponemon survey from late 2011 demonstrates, these worries are prevalent among U.S. federal workers.
Among those surveyed who indicated that their organization does not use cloud services nor has plans to do so in the next 12 months, 35 percent cited safety and security concerns as the primary reasons for their hesitancy, making it the second most popular response behind a lack of suitable applications or services.
As these results show, any organization, public or private, that intends to move to the cloud should carefully consider all relevant security concerns in order to ensure the integrity of its network.
-McAfee Cloud Security