Public Clouds have been pinpointed as the ‘weaker’ side in the battle of Public versus Private – when it comes to government bodies at least.
The European Network and Information Security Agency (Enisa) have championed the private cloud even though its public counter part can offer a higher service availability and improved cost benefits. The report believes that the needs of a government body will better matched by the private cloud.
Enisa points out that even though cloud computing is meant to present ‘better’ everything – value, availability, security – there are issues of weaknesses that have to be addressed. Weaknesses come from a ‘lack of governance and control over IT operations and the potential lack of compliance with laws and regulations.’
Only non-critical apps (with a clear exit strategy) should be on the public cloud, according to Enisa. Non-EU companies can own public clouds, which, results in a lack of transparency when it comes to security, resilience measures and possible breaches. Some member states could also have issues with inadequate Internet connectivity.
“For sensitive applications, private and community clouds appear to be the solutions that currently best fit the needs of public administrations since they offer the highest level of governance, control and visibility,” the report stated.
The report followed this statement by warning of the importance of reaching ‘the necessary infrastructural critical mass,’ only then will the benefits (resilience and security) of the private, or community, cloud be achieved.
The Security and Resilience in Government Clouds report actually offers senior management a decision-making model in order to access which cloud they best fit – probably something every government organisation should read up on.