Document Actions

Enisa looks to UK for government cloud security guidance

Computer Weekly - Doubts have been raised about Enisa's decision to look to the UK for guidance on how to create a security framework that accelerates adoption of government cloud services across Europe.

The European cyber security agency is among a number of EU-focused organisations keen to drive adoption of G-Cloud-like services within local and central governments for economic reasons.

“Very few EU member states have currently developed approaches for cloud computing based on a well-defined and thorough cloud security strategy (including risk profiles, classification of assets, security objectives and measures),” Enisa’s Security Framework for Governmental Clouds report stated.

To this end, Enisa has set out a multi-part framework to guide EU member states through the steps needed to deploy a secure government cloud.

“The final result is a security framework modelled into four phases, nine security activities and 14 steps that detail the set of actions we believe each member state should follow for the definition and implementation of a secure [government] cloud,” the report continued.