techUK paper urges local authorities to look to other public sector organisations for best practice in moves to cloud computing
National IT industry association techUK has urged local authorities to learn lessons from other local public sector bodies in considering moves to cloud computing.
The organisation includes the recommendation in a new paper, Building Local Government Security of Cloud, one of a group aimed at helping users in different sectors to ask the appropriate questions and identify the best offerings for them.
The paper, much of which focuses on the generic benefits and issues around cloud systems, points to an earlier survey by not-for-profit IT provider eduserv in which 44% of the UK’s largest local authorities said they had no cloud adoption policy. This has been related to issues around the security, ownership and access to data in the cloud, along with compliance with data protection regulations.
“For local government organisations to realise the full benefits of cloud computing, trust must be built in the cloud and any perceived security challenges must be demystified,” the report states.
It urges councils to look to public sector bodies in their areas, including other local authorities, justice and emergency services organisations, that are already using cloud services successfully. It says these can provide good sources of information and examples of best practice in selecting and using cloud services.
It also recommends: “Before you move forward, take a moment to consider the importance of the information for which you are responsible and the security controls and requirements you may need from your cloud provider.”
Security risks
Programme manager Georgina Maratheftis told UKAuthority: "Local government holds vast amount of data and security continues to remain a major restraining factor to it not moving to the cloud. There are still perceived security and compliance risks and key to overcoming this is asking the right questions internally and to cloud providers so the organisation adopts the right model that meets their needs.
"techUK has produced A Building Local Government Trust in the Security of Cloud paper that provides this key information. In addition to drilling down to the key questions, local government should directly engage with other councils and tech industry to share best practice as councils will already be on their cloud journey and will have valuable lessons to share."
Other recommendations in the paper include:
- Thinking about what information the organisation is happy to with the cloud.
- Asking a series of questions about security arrangements early in the commissioning process.
- Taking account of techUK’s three point plan to transform public services, published in October 2014.
- Asking if the provider can unilaterally change the terms of a contract, and whether the information will be transferred back to the authority at the end of a contract at no cost.
Sue Daley, head of cloud, data, analytics and artificial intelligence at techUK, said: “The next wave of our digital revolution is being powered by the internet of things, big data analytics and artificial intelligence - cloud computing underpins all of these developments.
“Given the importance of this technology to the UK’s digital future, it is vital that users understand the security benefits of the cloud and that advice delivered today addresses the users’ concerns.”
Image from report cover, techUK
