Cloud guidelines for Austrian government
Digital Austria, the coordination and strategy committee of the Austrian Federal Government for eGovernment developed a position paper on cloud computing for public sector. It was a joint effort of stakeholders from various government levels, application owners, and solution providers.
The paper addressed the diverse facets of cloud computing, such as:
- Economic Aspects:
There are significant cost savings for IT infrastructure and services that are in a highly standardised cloud environment compared to those on-premise. With existing applications, there may be additional costs to migrate and integrate into the existing infrastructure. Thus, one needs to assess the efficiency gains a migration to cloud brings to the overall service.
- Legal Aspects:
Legal compliance is key in providing public services. Here, cloud computing does not bring new opportunities, but can carry particular challenges around the transfer and responsibilities of data. Areas to consider include IT contract regulation, data protection regulation, liability, code of criminal procedure and lawful access, and procurement regulation. Procurement regulation can become an obstacle, as tendering and award procedures may not fit standardised ‘take it or leave it’ terms by cloud providers.
- Technical aspects:
Deployment of services in cloud environments is often not too different from deployment using traditional data centres. Sticking to higher standardisation demanded by cloud providers can bring opportunities for better reusability of components. By delegating storage and processing to third parties, loss of direct control and security issues arise. This includes aspects such as electronic identification, rights management, encryption of sensitive data under user control, or enforcement of security policies that are specific for government organisations, where there is high need to seek and put in place security like electronic identity and confidentiality in a manner that allows full and sole control by the owner.
The position paper covers further facts like organisational, business process, or strategic opportunities and risks. Among the main factors that can hinder cloud computing adoption in the public sector are security, data protection, vendor lock-in, or procurement risks. The concerns seem to be similar in many EU Member States.
Coordination initiatives in Europe
The potential in the EU has been described in a 2012 European Commission communication ‘Unleashing the Potential of Cloud Computing in Europe’. A cumulative impact on GDP of almost € 1 trillion (US$1.34 trillion) and 3.8 million jobs was forecasted until 2020. However, there is also a risk of cloud market fragmentation. To meet the main risks, three key actions were defined:
- Key Action 1 – Cutting through the Jungle of Standards: To establish a map of standards, to increase trust by recognised specifications on protection of personal information, and to establish EU-wide voluntary certification schemes.
- Key Action 2 – Safe and Fair Contract Terms and Conditions: Model terms for cloud computing service level agreements should be developed. This includes code of conduct for uniform application of data protection rules.
- Key Action 3 – Establishing a European Cloud Partnership: A steering board consisting of C-level representatives from public sector and private sector advises the European Commission on what measure to take to stimulate cloud adoption and how public sector can lead by example to drive innovation.
As part of the third key action, a pre-commercial procurement initiative ‘Cloud for Europe’, initiated by the European Commission and driven by 11 EU Member States and Associated States started in 2013.
The idea is that in a 3½ year project, public organisations research and voice requirements essential but are not yet met by cloud market offerings. Research to overcome these gaps is assigned to industry in the pre-commercial procurement process. Risk-benefit sharing between the public sector and the industry is applied.
This will allow the industry to better understand public sector requirements. Public sector can identify common requirements and procurement models, thus economy of scale can better be exploited than with national cloud silos.
In conclusion, aside from UK and US who are forerunners with their ‘cloud-first’ strategies, most governments are still cautious in their adoption. CIOs need to have a clear goal because technology is not an end in itself. There are obstacles to overcome in order to enjoy the benefits of cost, efficiency and agility.
---
Autor(en)/Author(s): Reinhard Posch
Quelle/Source: futureGov, 12.11.2013
Bitte besuchen Sie/Please visit:
