Category Archives: APM Group

CIF: ‘Lack of trust holding back cloud adoption’

CIF: 'Cloud users are still citing the same inhibitors'

CIF: ‘Cloud users are still citing the same inhibitors’

Security, privacy and lack of control are still the leading inhibitors holding enterprises back from adopting cloud services, according to the Cloud Industry Forum’s latest research.

The CIF, which polled 250 senior IT decision-makers in the UK earlier this year to better understand where cloud services fit into their overall IT strategies, said when asked about their biggest concerns during the decision-making process to move to the cloud, 70 per cent cited data security and 61 per cent data privacy.

Both are up from the 2014 figures of 61 per cent and 54 per cent, respectively.

“Hybrid will be the modus operandi for the majority of organisations for the foreseeable future, being either not yet ready to move everything to the cloud, or unwilling to. There are a number of contributing factors here: fear of losing control of IT systems, security and privacy concerns, and lack of budget currently stand in the way of greater adoption of cloud by businesses,” said Alex Hilton, chief executive of the CIF.

“The primary issue relates to trust: trust that cloud-based data will be appropriately secured, that it won’t be compromised or inadvertently accessed, and that businesses will be able to retrieve and migrate their data when a contract terminates.”

About 40 per cent of respondents were also concerned they would lose control/manageability of their IT systems when moving to cloud, up from 24 per cent last year.

Richard Pharro, chief executive of APM Group, the CIF’s independent certification partner said cloud providers need to improve how to disclose their privacy and security practices in order to inspire more confidence among current and potential users.

“Some Cloud providers are opaque in the way that they operate. The prevalence of click-through licenses, some of which are littered with unrealistic terms and conditions,” Pharro said, adding that improving public disclosure in cloud contracts could go some way towards improving trust and confidence among customers.

CIF cloud code of practice gains European Commission backing

The Cloud Industry Forum's COP gained the EC's seal of approval for cloud certification this week

The Cloud Industry Forum’s COP gained the EC’s seal of approval for cloud certification this week

The Cloud Industry Forum’s (CIF) code of practice for cloud service providers has been added to the European Commission’s growing list of cloud certification schemes. The move means it passes the EC’s benchmark for service security and reliability.

The Commission’s Cloud Certification Schemes List was set up as part of the European Cloud Strategy and developed by the European Union Agency for Network and Information Security (ENISA); it gives an overview of different existing certification schemes for cloud services in the region.

The scheme effectively the Commission’s way of recognising a certification’s claim to ensuring cloud contracts guarantee a certain level of security or reliability, which it hopes will assure European customers of a provider’s claims and help stimulate spending on cloud services.

“This is a major milestone for the Cloud Industry Forum and the broader cloud community.  There are no dedicated cloud standards in the market, making it difficult for small business customers to identify trusted advisors,” said Alex Hilton, chief executive officer of the Cloud Industry Forum.

“We hope this recognition will encourage more users of cloud services to actively seek providers that are CIF-certified, and likewise more CSPs to seek certification. We have taken important steps in providing a foundation in what is a fast changing and, to many, a new technology sector,” Hilton said.

Other certification schemes included in the list include the Cloud Security Alliance’s attestation, certification and self assessment, EuroCloud’s Star Audit, ISO 27001 and PCI v3.

Richard Pharro, chief executive of APM Group, the Cloud Industry Forum’s certification partner, added: “The Code of Practice was first established with the aim of driving levels of accountability, capability and transparency in the Cloud industry, which are all critical to the Cloud service contract. With the adoption of Cloud within businesses progressing at an incredibly fast rate, those key tenets of Cloud delivery are as important as ever.”

“CSPs need to ensure they operate their businesses and services in a fully open and transparent manner where it is clear to their customers – existing and new – that they are trustworthy and capable of offering the services they claim to be able to offer. The CIF CoP is one of very few schemes which offers this much needed reassurance to end users regarding the organisations they choose to work with,” he added.