The EU’s recently announced plans to certify “trustworthy” cloud providers risks unfairly excluding equally valid SME Cloud Service Providers (CSPs) from public sector contracts, to the detriment of the industry, the Cloud Industry Forum (CIF) warns today.
Echoing the views expressed by the Government’s deputy CIO Liam Maxwell, Andy Burton, Chair of CIF and CEO of Fasthosts, suggests that standards, although of vital importance to the industry, must still be based on practical common sense and market relevance if we are to prevent smaller CSPs from being frozen out purely because of unrealistic benchmarks:
“CIF has long campaigned for appropriate cloud standards to be mandated at a governmental and indeed an international level, and for these to assist procurers in the selection of relevant vendors. The EU’s recently announced cloud computing strategy is encouraging in this regard for its fervent commitment to certification. However, if Europe is to operate seamlessly as a community, and fully realise the advantages of cloud enablement, it is essential that solutions are accessible to the widest business community to participate in, including SMBs where a great deal of innovation occurs.
“The closed off system of tender currently proposed threatens to prevent quicker growth and development of agile government systems,” he continued. “With over £9 billion being spent on ICT each year by Government and the impact of spending cuts beginning to impact on society, you would assume that savings, in the form of an open market, would be pursued at every opportunity, rather than protecting the current oligopoly of suppliers.”
Ian Osborne, Chair of the CIF Standards Committee, adds: “We need to be careful not to raise bar on standards in such a way that only the largest companies can afford to comply. There must be a balance between services offered, standards required and the assurance regime to be complied with, if SMEs are to be successful in offering their services to the public sector.”
According to Burton, the solution to the EU’s certification problem may well lie in the CIF Code of Practice which was implemented to drive best practice in the industry and to assist end users in making rational and informed commercial decisions: “The need for standards and additional regulation in the industry is self-evident but the cloud market is still young and as such it is essential that organisations are able to understand the capability and accountability of CSPs in a common transparent format as the market matures. Here, the CIF Code of Practice, which is based on these key tenets of transparency, accountability and capability, is a viable and verifiable alternative,” he concluded.