Hot on the heels of its report on data breach notifications in the EU, the EU’s cyber security regulator, ENISA, published yesterday a new report on cloud computing in the government. The report is targeted at senior managers of public bodies who are considering cloud computing platforms and services, and it aims to highlight the pros and cons of different cloud models with regard to information security and resilience. The report summarizes relevant legal and regulatory considerations, and bases its analysis and conclusions on the examples of a healthcare authority and local public administration migrating to the cloud, and the creation of a governmental cloud infrastructure.
The report acknowledges that cloud computing has the potential to offer public administrations substantial benefits and improvements over current IT provisioning, such as increased availability and reliability, stronger security and better value. However, the report recommends private and community clouds over public clouds, and ultimately urges European governments to adopt a staged approach in integrating cloud computing into their operations.