Relevant standards are important to improving the maturity of the cloud services on offer and, in many cases, they will bring benefits of increased flexibility and security for users, but suggests APM Group, the Cloud Industry Forum’s (CIF) independent Certification partner, too many competing standards could wreak damage on the industry.
Richard Pharro, APM Group’s CEO, said: “The market is clearly in need of regulation and standardisation. It’s arguably a lack of common standards governing security, reliability and data sovereignty that has led a large proportion of organisations to delay their move to the cloud. But accreditation is in danger of becoming a term as nebulous as ‘cloud’ itself – especially given the proliferation of different standards bodies to choose from. In a crowded market place, with multiple competing cloud standards, how is an end user, or indeed a Cloud Service Provider (CSP), to discriminate which standards are worth pursuing and which are not?
“The cloud standards industry now boasts around 20 competing standards; most are valuable and relevant but only in part and consolidation would be very beneficial for the industry. Standards typically run two to three years behind innovation so when better standards come along, developers have a duty to retire their own standards or at least seek to find some convergence with similar standards. Failure to do so dilutes the overall impact of standardisation itself, making for a fractious and complicated marketplace,” he continued.
Pharro went on to suggest that until universally adopted standards exist, CSPs should focus on commercial transparency, operational best practice and the adoption of common terminology to ensure end user confidence:
“Ultimately end users are looking for confidence and reassurance that their data will be secure in the cloud, and that their chosen supplier is trustworthy and capable of supporting their business needs. According to CIF’s latest research, 78 percent of cloud users, and future users, would prefer to work with a CSP that is certified against a relevant Code of Practice. CIF’s Code of Practice, which exists as an independent benchmark of best practice and key credentials that credible CSPs should be able to measure up to and provide sufficient assurance of transparency, capability and accountability to the market. It is under constant review and would benefit from more direct end user input to further enhance its applicability for end users,” he concluded.