Data auditing, the European Commission and the state of Cloud Computing in EU Countries

Data auditing, the European Commission & the state of Cloud Computing in E.U. Countries Cloud Computing in EU Countries

 

While it’s pretty clear that the countries of the E.U. are not able to agree on much of anything, there is one area in which they seem to be on the same page and that’s cloud computing. Recently the European Commission approved a measure to begin devoting time, energy and funds toward establishing a lightly regulated cloud computing market that is capable of servicing the 27 nations in the E.U.

Once again, one of the major roadblocks slowing down adoption is security (not to mention, cost). It seems that many individuals in the E.U. feel somewhat apprehensive about storing information in US-based data centers. This is likely due to the fact that, under such legislation as the Patriot Act (and others) their data could be accessed by the US government. Of course this is all speculation on their part, and it could be argued that those who fear any type of oversight might be engaging in less-than-wholesome business practices, however this is pure speculation.

So, how does data auditing play into all of this, you ask? Well, for those that don’t know, data auditing is concerned with monitoring data for quality as it travels to and from its destination(s) in accordance with the business practices of an organization. Likewise, data auditing is a continuous process, meaning that it is something which should be performed regularly. Recently it was revealed that, under a certain agreement with E.U. countries, remote cloud service providers might be responsible for providing data auditing services for their European customers. Other suggestions like “self-policing” (where countries would be responsible for policing and monitoring their own data remotely) have also been put forth as well.

At the end of the day the issue of data auditing between cloud provider and user is an issue of control; who has it and what that entails. The European Commission is concerned that becoming reliant on remote or foreign cloud computing services will lead to a loss of control on their part. Additionally, there is the issue of transparency; in other words, the E.U. commission also feels that a lack of information about the infrastructure and services they are using might place them at risk for unknown variables and attacks. These are extremely valid concerns, but with the proper security measures they can be easily overcome. The commission has already put together a number of recommendations which they feel will ensure proper cloud use and operation:

  • Providers must meet certain standards and obligations to be eligible for E.U. business (E.U. data privacy regime)
  • Location lists detailing where data will be processed in any event
  • Data is only accessible by authorized parties (no exceptions)
  • Contracts can be immediately terminated if any unapproved changes are made
  • Cloud providers are held accountable for cross-border data transfers
  • Data auditing rights are withheld by the E.U. countries / customers
  • All sub-contractors (subsequent service providers) must be identified and also be able to adhere to privacy standards

Aside from these qualms, a great number of businesses as well as the European Commission itself are very eager and enthusiastic about cloud computing adoption. They see this as an opportunity to both boost their technological image / capabilities while at the same time strengthening the European Union itself. However, it could be argued that the Europeans are simply seeing the successes being garnered by US businesses as a result of cloud adoption and want a piece of the action. It’s no secret that business-centric cloud computing adoption is on the rise; some experts have even recently stated that we are nearing the crucial 50% adoption mark. This of course brings us to a very important point; how well prepared is your business for cloud adoption? Regardless of how well thought out your plans are, cloud computing training and/or certification programs should be on your list of things to check out in the very near future (if you haven’t done so already).

Why would the Countries and Commission of the E.U. be interested in pushing for cloud adoption at this time? The sovereign debt crisis the Europe is not only hurting government and individuals, it is also seriously affecting businesses. Since cloud computing can increase efficiency and capabilities while cutting costs, it’s only logical that more and more E.U. businesses are eager to jump on board as quickly as possible. Through cloud computing many of these organizations might be able to increase production and capabilities, and in effect help create the much needed growth required to combat rampant debt accumulation. It’s simply too early to tell what effect a more widespread cloud adoption by E.U. businesses will have on the E.U. economy as a whole, but who in their right mind would argue that it’s not a step in the right direction?