Why data governance is key for safe cloud computing

Updated 17 March 2016
0

Why data governance is key for safe cloud computing

A recent report on Managed Datacenters and Cloud Services in Saudi Arabia, issued by Communications and Information Technology Commission, indicated that cloud computing services ranked third among the three services that witnessed the most tremendous growth between 2011 and 2014.
Spending on cloud services totaled SR189 million with a growth rate of 373 percent.
The study also showed that cloud computing services are expected to grow rapidly over the next five years, surpassing SR476 million in 2019.
The study showed that many organizations are realizing that procuring cloud services can give them access to better technology than they could implement or purchase on their own.
We can, therefore, feel that user confidence in cloud computing services is increasingly growing day after day.
However, full-scale cloud services adoption in public and private sector organizations is hindered by many concerns and challenges.
A major challenge is trust — in protecting the security and privacy of the company’s data when using services that require data storage, partially or fully, on the cloud.
Therefore, we must find ways to boost confidence in these services and check user requirements in cloud use, which are based on maximizing benefits, harnessing best technologies and at the same time, minimizing the potential risks.
One of the effective ways to reduce risks of adopting cloud computing services, is to find better approaches to manage and classify data within organizations.
This includes formalizing the definition of the organization’s data and producing and using this data by creating and implementing standards for managing it as an asset of the organization.
Under these criteria, data is classified according to its sensitivity level and impact toward the work of the organization.
For example, the British government has recently classified Government data into three levels: official data, secret data and top secret data.
Upon finding practical ways to classify organization’s data, each data sensitivity level is linked with certain security standards, which become more stringent for data with higher sensitivity and greater impact on the work of the organization.
By data classification, we can make more informed decisions on determining the cloud computing services that suit less sensitive data.
In turn, this creates less risks in case data was breached, which is unlikely to happen due to the huge investments done by cloud providers to build up confidence in these services.
In considering the data sensitivity levels of the British Government, official data can be completely managed by cloud services complying with the ISO270001 and ISO27018 security and data privacy protection standards.
As for the next data level, “secret data”, organizations can choose to use built-in (hybrid) cloud computing, which means organizations’ private systems services combined with the public cloud computing services using the same compliance standards.
However, storing Top Secret Data at the organization’s site is recommended, not because the cloud lacks security standards, but in order to manage risk in an orderly manner in line with the organization’s data governance and classification objectives.
The key to transforming future of cloud computing services is boosting user confidence that their data and its privacy are well protected.
This responsibility shall be on the two parties involved.
Thus, investment by the cloud services providers must be accompanied with investments from the organizations that use these services, in order to find modern data governance methods and manage and classify data.
This will enable these organizations to harness cloud computing services by reducing spending on hardware, devices, software and human resources on one hand and maximize the flexibility of organizations, their ability to adapt with market changes, beat competition and provide excellent services that are highly scalable and profitable on the other hand.
— Dr. Mamdouh Najjar is deputy general manager and national technology officer at Microsoft Arabia, Riyadh.


Saudi Arabia, Russia and China give EU trade reforms thumbs down at WTO

Updated 12 min 9 sec ago
0

Saudi Arabia, Russia and China give EU trade reforms thumbs down at WTO

  • China is suing US and EU at WTO
  • Kingdom warns new rules are concerning

The EU’s new rules against countries dumping cheap goods on its market got a rough ride at a World Trade Organization meeting, where China, Russia and Saudi Arabia led a chorus of disapproval, a trade official said on Thursday.

The EU, which is in a major dispute with China about the fairness of Chinese pricing, introduced rules last December that allow it to take into account “significant distortions” in prices caused by government intervention.

A Chinese trade official told the WTO’s anti-dumping committee that Beijing had deep concerns about the new methodology, saying it would damage the WTO’s anti-dumping system and increase uncertainty for exporters, an official who attended the meeting said.

China argued that the concept of “significant distortion” did not exist under WTO rules, and the EU should base its dumping investigations on domestic prices in countries of origin, such as China.

The EU reformed its rules in the hope they would allow it to keep shielding its markets from cheap Chinese imports while fending off a Chinese legal challenge at the WTO.
China said that when it joined the WTO in 2001, the other member countries agreed that after 15 years they would treat it as a market economy, taking its prices at face value.

But the US and the EU have refused, saying China still subsidises some industries, such as steel and aluminum, which have massive overcapacity and spew vast supplies onto the world market, making it impossible for others to compete.

China is suing both the US and the EU at the WTO to try to force them to change their rules.

Legal experts say the dispute is one of the most important in the 23-year history of the WTO, because it pits the major trading blocs against each other with fundamentally opposing views of how the global trade rules should work.

In the WTO committee meeting, Saudi Arabia said the new rules were very concerning, and it challenged the EU to explain how EU authorities could ensure a fair and objective assessment of “significant distortion.”

Russia said the EU rules violated the WTO rulebook and certain aspects were unclear and created great uncertainty for exporters. Bahrain, Argentina, Kazakhstan and Oman also expressed concerns.

But a US trade official said the discussion showed that appropriate tools were available within the WTO to address distortions affecting international trade.