Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trust in Cloud EuroCloud Europe a.s.b.l – EuroCloud Deutschland_eco e.V. EuroCloud Europe Key success factors for trustworthy Cloud Adoption in the EU.

Published byStella Collins Modified over 10 years ago

Similar presentations

Presentation on theme: "Trust in Cloud EuroCloud Europe a.s.b.l – EuroCloud Deutschland_eco e.V. EuroCloud Europe Key success factors for trustworthy Cloud Adoption in the EU."— Presentation transcript:

1 Trust in Cloud EuroCloud Europe a.s.b.l – EuroCloud Deutschland_eco e.V. EuroCloud Europe Key success factors for trustworthy Cloud Adoption in the EU 16-JUNE-2015 Riga – Andreas Weiss

2 European Network of Cloud Computing Industry Associations Trust in Cloud Cloud Certification  Cloud Risk assessments  Cloud Security Guide for SMEs  Cloud Resilience Cloud Certification  Cloud Risk assessments  Cloud Security Guide for SMEs  Cloud Resilience  Cloud Standards  Interoperability  SLA  Cloud Standards  Interoperability  SLA  Expert Groups in EuroCloud countries  Special local law and regulation per country  Quality Assessment (ECSA)  Expert Groups in EuroCloud countries  Special local law and regulation per country  Quality Assessment (ECSA) Digital Agenda  Cloud Select Industry Group  SLA  Code of Conduct  Certification Digital Agenda  Cloud Select Industry Group  SLA  Code of Conduct  Certification European Activities

3 European Network of Cloud Computing Industry Associations Trust in Cloud Targeting the SME market Transparency of Cloud Services (Security, Data Privacy and Compliance) Assessment of trustworthy Cloud Services How to meet expectations?

4 European Network of Cloud Computing Industry Associations Trust in Cloud … … Luise / pixelio.de Luise / pixelio.de SarahC. / pixelio.de Cloud Computing is a game changer... and affects all business lines in terms of: application portfolio IT resourcing IT and Service Management Mobile workforces delivery channels customer interaction …... and affects all business lines in terms of: application portfolio IT resourcing IT and Service Management Mobile workforces delivery channels customer interaction … Cloud Computing addresses a global market new opportunities massive international outreach connects digital markets incubates innovation in various sectors dominated by global players with large investments new opportunities massive international outreach connects digital markets incubates innovation in various sectors dominated by global players with large investments A huge shift from on premise to outsourced services for infrastructure development and applications business processes analytics … for infrastructure development and applications business processes analytics … Key expectations modernisation business process optimisation cost reduction being competitive new markets flexible workplaces modernisation business process optimisation cost reduction being competitive new markets flexible workplaces The impact of Cloud Computing

5 European Network of Cloud Computing Industry Associations Trust in Cloud Using mail services in the cloud is not a real indicator.To get insight in digital readyness, we have to establish a maturity model! We see a great variety of adoption rates. The key questions is: who, how many and what we are asking! What is the real Cloud adoption rate ? http://ec.europa.eu/eurostat/statistics-explained/index.php/Cloud_computing_-_statistics_on_the_use_by_enterpriseshttp://ec.europa.eu/eurostat/statistics-explained/index.php/Cloud_computing_-_statistics_on_the_use_by_enterprises (Nov 2014)

6 European Network of Cloud Computing Industry Associations Trust in Cloud The Cloud Status Quo in Europe Major concerns about data privacy and data security in cloud based services EU initiatives not harmonized with national initiatives The majority of European SMEs needs support to define their “go to cloud and go to market strategy” No single digital market (data privacy, tax,…) In fact we are talking about the next level of digital enterprises but the base concept is not understood yet!

7 European Network of Cloud Computing Industry Associations Trust in Cloud Digital Single Market Strategy 3.4 Reinforcing trust and security in digital services and in the handling of personal data 4.1 Building a data economy 5.Delivering the digital single market 4.1 Building a data economy 5.Delivering the digital single market 4. Maximising the growth potential of the digital economy 2.5. Reducing VAT related burdens and obstacles when selling across borders

8 European Network of Cloud Computing Industry Associations Trust in Cloud Gerhard Giebener / pixelio.de The SME market They do not see sufficient evidence on the effectiveness of Cloud Computing in their business” SMEs are concerned to keep control of their business and their data Supply: They have to comply with local regulation, whereas global suppliers have various options to pass by. Demand: No trust due to lack of transparency; the terminology is unclear and not understood.

9 European Network of Cloud Computing Industry Associations Trust in Cloud same rules for everybody in the European Market vendor listings with appropriate assessment of the full service chain certification for cloud services with appropriate scope portability strategies and standardisation clear rules for a digital single European market Five key issues EU providers are bound to local regulations whereas global players can pass by Lack of transparency Adequate data privacy and data protection and overall security Vendor Lock In Legal compliance 1 2 3 4 5

10 European Network of Cloud Computing Industry Associations Trust in Cloud Establish Trust http://www.eurocloud.de/study-cloud-acceptance-2014-engl.html » Despite the obvious advantages of Cloud Computing technology, many companies and institutions retain a “wait and see” attitude as potential customers and users » If people – as a result of too much complexity – are no longer capable of making a real verification, they fall back on symbolic implications like certification, success stories, reputation,…

11 European Network of Cloud Computing Industry Associations Trust in Cloud A joined European approach Rise awareness and provide show cases and best practices Build an eco system of Consultants and Trainers to educate and support the market with tools and services. Form a group of stakeholders to establish appropriate trust mechanism Define requirements to be awarded as Trusted Cloud Service Provider … …

12 European Network of Cloud Computing Industry Associations Trust in Cloud „I am using cloud to… be agile be competitive be attractive“ „I want to … scope on my core business access new markets reach new clients“ „I am using cloud to… be agile be competitive be attractive“ „I want to … scope on my core business access new markets reach new clients“ Train supply and demand side on relevant aspects of cloud computing and provide ongoing guidance Trusted Cloud Competence Network as joined force build by associations (provider and user), governmental organisations and interested parties  Trusted Cloud requirements (Legal, DPA, Security, …)  Control Framework (based on EuroCloud Star Audit)  National specific requirements  Trusted Cloud requirements (Legal, DPA, Security, …)  Control Framework (based on EuroCloud Star Audit)  National specific requirements The German approach as a sample http://www.trusted-cloud.de/ … … … … … … Trusted Cloud Initiative by the Federal Ministry of Economic Affairs and Energy

13 European Network of Cloud Computing Industry Associations Trust in Cloud The seal “Trusted Cloud” will promote the use of cloud services Promoting the use of cloud services with focus on SME sector through transparency and legal certainty Improving the competitive position of cloud service providers Starting in Germany but considering existing initiatives in other countries in order to build a blueprint for a pan-European seal

14 European Network of Cloud Computing Industry Associations Trust in Cloud Draft Trusted Cloud Seal Management Cloud- Service Provider Self-test Online Application Seal Approval Accreditation Application brokerage Cloud-Service Control organizations Application processing Process of Accreditation Application processing Seal Trusted Cloud Criteria Sealed Cloud Services Cloud- Service User Cloud Services Catalogue Management of Seals Help, FAQ Information to sealed services Approval processing Help, FAQ Accredited Control Orgs Knowledge Base

15 European Network of Cloud Computing Industry Associations Trust in Cloud TiC (trustincloud.org) Web and print Campaign Use cases and best practices

16 European Network of Cloud Computing Industry Associations Trust in Cloud ECSA (eurocloud-staraudit.eu) Training package Control catalogue Further guidance Academy for consultants and trainers Self assessment service, 3rd party audit certification

17 European Network of Cloud Computing Industry Associations Trust in Cloud Key areas to be addressed Service description Juridical contractor and ownership structure Owner and locations of the data centers Service description Juridical contractor and ownership structure Owner and locations of the data centers Provider Applicable law Transparency about all contracts Data protection requirements Data Control Regulations in case of service interruption or insolvency Subcontractor involvement Applicable law Transparency about all contracts Data protection requirements Data Control Regulations in case of service interruption or insolvency Subcontractor involvement Contract

18 European Network of Cloud Computing Industry Associations Trust in Cloud... selection of cloud services and their providers Implementation of the technical and organizational measures for data protection Implementation of security against unauthorized data access Protection against cyber attacks Implementation of the technical and organizational measures for data protection Implementation of security against unauthorized data access Protection against cyber attacks Privacy and Security Security of supplies Area Security and access control Emergency plans Security of supplies Area Security and access control Emergency plans Datacenter Service quality Capability for SLA fullfilment Service quality Capability for SLA fullfilment Operational Processes Operational Processes Isolation of services and data Support services Portability Isolation of services and data Support services Portability Services specific checks IaaS,PaaS, SaaS

19 European Network of Cloud Computing Industry Associations Trust in Cloud What next for cloud security? www.ngcert.eu Audit & Certification ?? Years012 Audit

20 European Network of Cloud Computing Industry Associations Trust in Cloud Dynamic Certification of Cloud Services Hypotheses:  It is possible to evaluate critical requirements of a certificate automatically.  A completely automatic certification for dedicated test steps is possible.  Automatic test steps can help to prove fulfilling requirements regarding quality, data protection and data security ensuring legal compliance. Hypotheses:  It is possible to evaluate critical requirements of a certificate automatically.  A completely automatic certification for dedicated test steps is possible.  Automatic test steps can help to prove fulfilling requirements regarding quality, data protection and data security ensuring legal compliance. Certificate requirements (checklist) Certificate requirements (checklist) Checklists (requirements of all certificates) Checklists (requirements of all certificates) Automatically verifiable technical requirements Automatically verifiable technical requirements Results & Reports (e.g. Dashboard) Results & Reports (e.g. Dashboard) Detection rule set Analyse & Validate (e.g. CEP) Analyse & Validate (e.g. CEP) Metric 1 (with threshold) Metric N Metric 1 (with threshold) Metric N Monitoring System Technical requirements but not automatically verifiable Technical requirements but not automatically verifiable User, Auditor User, Auditor

21 European Network of Cloud Computing Industry Associations Trust in Cloud Security in the cloud age each critical system and data storage has to be secured individually ongoing large investments against attacks like malware, DDoS, … establish policies and measurements to identify risks ongoing monitoring and detection of abnormal behavior integrated monitoring of On Premise and Cloud IT a perimeter security concept does not help anymore cyber threads are growing very fast BYODevice and BYOService are introducing unknown risks IT Security must be pro active, not reactive Hybrid IT and dynamic audit 1 2 3 4 5

22 European Network of Cloud Computing Industry Associations Trust in Cloud Security in and by cloud Raising security effectiveness due to cloud services Professional Cloud Services are much more secure than the majority of On Premise IT Security by Cloud: The prevention against DDOS and Malware is most effective by cumulated cloud based intelligence and IT/communication ressources. Security in the cloud: It is the key business of a cloud service provider to secure the systems and the data.

23 European Network of Cloud Computing Industry Associations Trust in Cloud Conclusion Establish Trust … The establishment of joined trusted stakeholder groups … Transparency and comparability… We all have to work towards a European Digital single market … …is the key challenge and it will not happen without a clear action plan …who are capable of taking care of all the complex questions is highly relevant …of cloud provisioning is a primary goal …with respect to the European values, data privacy is a fundamental right and not protectionism

24 European Network of Cloud Computing Industry Associations Wir gestalten das Internet www.eurocloud.org www.eurocloud-staraudit.eu www.cloudingsmes.eu www.cloudcatalyst.eu www.trustincloud.org www.cloud-migration.eu Thanks for your attention! Andreas Weiss Managing Director EuroCloud Europe andreas.weiss@eurocloud.org Director EuroCloud Deutschland_eco e.V andreas.weiss@eurocloud.de

25 European Network of Cloud Computing Industry Associations Trust in Cloud About EuroCloud  21 Countries  +various Candidates  Network of cloud specialist  More than 1000 members companies throughout Europe  Targeting the entire Cloud eco System (Cloud Service Provider and Customer)  Areas of activities  Trust in Cloud for Users  Standards and Interoperability  Single European digital market  Link the European Cloud Industry  Research and Innovation  Start Up incubation and ISV transformation  21 Countries  +various Candidates  Network of cloud specialist  More than 1000 members companies throughout Europe  Targeting the entire Cloud eco System (Cloud Service Provider and Customer)  Areas of activities  Trust in Cloud for Users  Standards and Interoperability  Single European digital market  Link the European Cloud Industry  Research and Innovation  Start Up incubation and ISV transformation

26 European Network of Cloud Computing Industry Associations Trust in Cloud Key areas to be addressed

27 European Network of Cloud Computing Industry Associations Trust in Cloud... Selection of cloud services and their providers

Download ppt "Trust in Cloud EuroCloud Europe a.s.b.l – EuroCloud Deutschland_eco e.V. EuroCloud Europe Key success factors for trustworthy Cloud Adoption in the EU."

Similar presentations

ICT Services Suppliers Briefing Thursday, 17 September 2009.

ICT Services Suppliers Briefing Thursday, 17 September 2009.
Strengthening innovation in chemical clusters

Strengthening innovation in chemical clusters
A strategy for a Secure Information Society –

A strategy for a Secure Information Society –
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions.

Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions.
European Cloud Computing Conference Panel 1: What should be the legal framework to help create a market for Cloud services? Dalibor Baskovc Member Executive.

European Cloud Computing Conference Panel 1: What should be the legal framework to help create a market for Cloud services? Dalibor Baskovc Member Executive.
Cloud Computing - clearing the fog Rob Gear 8 th December 2009.

Cloud Computing - clearing the fog Rob Gear 8 th December 2009.
In Harmony, In the Cloud: Harmonizing Data Protection Rules In a Cross-Border World Steve Mutkoski Worldwide Director Policy Microsoft Corporation.

In Harmony, In the Cloud: Harmonizing Data Protection Rules In a Cross-Border World Steve Mutkoski Worldwide Director Policy Microsoft Corporation.
Establishing Cyber Security education, awareness, training and trust for SMEs Roger Dean, Executive Director www.eema.org.

Establishing Cyber Security education, awareness, training and trust for SMEs Roger Dean, Executive Director
AGENCY FOR PREVENTION OF CORRUPTION AND COORDINATION OF FIGHT AGAINST CORRUPTION mr.sci. Vladica Babić - Assisstent.

AGENCY FOR PREVENTION OF CORRUPTION AND COORDINATION OF FIGHT AGAINST CORRUPTION mr.sci. Vladica Babić - Assisstent.
Digital public services and innovation

Digital public services and innovation
2 1.Introduction to the Smart Campaign 2.The client protection principles 3.Why the Smart Campaign matters now 4.Feedback from participants 5.First steps.

2 1.Introduction to the Smart Campaign 2.The client protection principles 3.Why the Smart Campaign matters now 4.Feedback from participants 5.First steps.
Business Services in Europe: Raising the Game Norman Rose Vice-Chairman High Level Group on Business Services & Chairman European Business Services Round.

Business Services in Europe: Raising the Game Norman Rose Vice-Chairman High Level Group on Business Services & Chairman European Business Services Round.
Www.adira.org Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.

Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.
Proposed action: European SME Digital Capability Framework Objectives: o Deliver a competency-based assessment system that enables companies to measure.

Proposed action: European SME Digital Capability Framework Objectives: o Deliver a competency-based assessment system that enables companies to measure.
IST and Tourism cross fertilisation Information Society Technologies for Tourism Brussels, 9th July 2001.

IST and Tourism cross fertilisation Information Society Technologies for Tourism Brussels, 9th July 2001.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
BUSINESS & HUMAN RIGHTS UniCredit on its sustainability path: understanding and managing the financial sector’s responsibilities in terms of human rights”

BUSINESS & HUMAN RIGHTS UniCredit on its sustainability path: understanding and managing the financial sector’s responsibilities in terms of human rights”
Presentation to the Housing Technology Conference Tim Cowland- Senior Consultant 27 th February 2014 The Rise of the Housing Cloud.

Presentation to the Housing Technology Conference Tim Cowland- Senior Consultant 27 th February 2014 The Rise of the Housing Cloud.
WHERE WE ARE 22 member associations in 20 countries Over 4300 individual members who are responsible for risk management and/or insurance in their organisations.

WHERE WE ARE 22 member associations in 20 countries Over 4300 individual members who are responsible for risk management and/or insurance in their organisations.

Similar presentations

Ads by Google