News

Protecting Cloud Customers

Cloud
In a recent document outlining amendments to a draft opinion for the European Parliament’s Civil Liberties, Justice and Home Affairs committee, Judith Sargentini, a Dutch MEP, has called for a number of new rules to help safeguard the data of EU cloud computing customers.

In the amendment (Amendment 14) to the draft opinion on cloud services agreements, Sargentini has urged the European Commission to “come forward with proposals to restore the balance between cloud service providers (CSPs) and their customers as regards the terms and conditions used by cloud services.”

Within this she has included three elements. “The provisions ensuring protection against arbitrary cancellation of services and deletion of data; guaranteeing a reasonable chance for the customer to recover stored data in case of cancellation of service and/or removal or data; providing clear guidelines for cloud providers to facilitate the easy migration.”

Peter Groucutt, Managing Director at Databarracks, an Infrastructure as a Service (IaaS) provider, believes that this is a step in the right direction. “It is good that the issue is being recognised at the highest levels of the EU. Again – the key issues surrounding cloud computing aren’t about the technology, they are all about trust and the reasonable provision of services. Customers of cloud computing don’t want to be held to ransom after signing up to a service. The recent example of 2e2 has really worried a lot of cloud computing customers. When administrators asked customers for payment to keep the business running, or services would be stopped – those customers understandably felt as if they were being held to ransom. As service providers, it is our responsibility to provide clarity and reassurance that although we may be hosting applications and systems for our customers, they are still in control of them. Customers need to know how much notice they would be given before a service is cancelled by the provider and what the process is for getting data back or migrating over to new systems.

“The Cloud Industry Forum’s (CIF) Cloud Service Provider Code of Practice, against which we are certified, is a good example of this process beginning to have an impact. The transparency and quality that the Code guarantees, gives customers and potential customers a level of reassurance that just was not there before its introduction.

“We have seen levels of cloud services adoption continue to rise with 2012 seeing a 10 per cent increase of new organisations using such services (according to CIF Cloud Adoption and Trends for 2012). With this comes a responsibility as an industry to ensure that we are maintaining high levels of customer service. End users need to know that their data is going to be safe in the hands of a third party; this has been and continues to be one of the major obstacles for organisations adopting cloud computing. Without regulation coming from the highest levels of European government and backed by the likes of the CIF Code of Practice, we as an industry are going to continue to struggle to persuade potential customers that cloud computing is a safe and effective alternative to traditional computing.”