It seems that not a week goes by without a report, study or article broaching the issue of security when it comes to government making the move to cloud providers. This week, government efficiency advisor Martin Read highlighted that the cloud is “not a quick solution. Things such as security issues need to be thought through. ”

Yes, government bodies – and businesses – need to carefully consider security when moving to the cloud. However, the security issues often presented as reasons for not using cloud-based tools and services are now invalid. While waiting for further legislations and security policies to be deployed, government organisations may be missing out on cost reduction, efficiency and productivity gains. There are a number of secure public cloud providers, such as Huddle, that have already been approved for use by European Union (EU) national governments. The Belgian FPS Social Security, for example, used Huddle to organise the country’s Presidency of the Council of the EU and collaborate with colleagues in Spain and Hungary

In response to concerns around uptime, disaster recovery arrangements, data centre and application security, many providers will give government organisations full visibility of their security and resilience measures.

Back in January, the European Network and Information Security Agency (Enisa) released its report Security and Resilience in Governmental Clouds, warning government bodies against the use of secure public cloud providers.

Professor Udo Helmbrecht, executive director at Enisa, states:

“Public cloud offers a very high level of service availability and is the most cost effective. Yet, currently its adoption should be limited to non-sensitive or non-critical applications, in the context of a well-defined cloud adaptation strategy with a clear exit strategy.”

Given that the public cloud offers “a very high level of service availability”, there is no reason why it shouldn’t be used to provide critical applications. For critical, non-sensitive applications, the 99.9% per cent uptime levels provided by many secure public cloud providers should be sufficient. Uptime requirements vary according to the type of data that is being moved to the cloud, but 99.9 per cent uptime equates to just 10.1 minutes of downtime a week. Increasing uptime to four nines (99.99) reduces downtime to 1.01 minutes.

The recommendation that only non-sensitive data should be placed in the public cloud should also be addressed. The UK government has numerous data security classifications and takes into consideration the use of appropriate cloud services at different security levels. Huddle has more than 60 per cent penetration in UK government and our customers include the Department for Business, Innovation and Skills, the Department for Culture, Media and Sport and the Liberal Democrats.

In the report Enisa also outlines its European Governmental cloud concept: “a supra national virtual space where a consistent and harmonized set of rules could be applied, both in terms of legislation and security policy and where interoperability and standardization could be fostered.”

Such a concept could take years to come to fruition and, while waiting for such legislation, government bodies could be missing out on numerous benefits.

In terms of security, Huddle is already trusted by more than 60% of UK government and offers:

  • Guaranteed uptime of 99.9%
  • 256 SSL
  • SAS 70
  • ISO 27001

Request a Demo

© 2006 - 2021. All Rights Reserved.