Overview & Timeline of Activities

The age of cloud computing has dramatically changed the IT landscape across the world. Governments and industry, across the world are increasingly embracing cloud-based technologies. Organizations use different cloud models suited to their needs – public cloud, hybrid cloud or private cloud. Adoption of cloud depends on variety of factors, of which cyber security and privacy concern are atop.

To ensure this game-changing technology is maximally beneficial to all stakeholders, issues of cloud computing - governance, cyber security, risk, and compliance are required to be dealt with more carefully. Moreover, an evaluation and assessment of various cloud adoption models, international cloud standards, advancements in laws and regulations impacting cloud adoption, best practices etc. are central to a sustainable beneficial approach to cloud computing.

Enhanced trust on the cloud may come from more matured processes, technology adoption and complying against the standards. Security and privacy issues have posed challenges for the governments and policymakers in formulating cloud policy - balancing the need to fulfill their national security and law enforcement responsibilities yet allow the technological environment to thrive and deliver economic benefit.

To contribute in building secure cloud adoption, DSCI engages with various stakeholders in the domain- policymakers, service providers, users and academicians involved in the cloud evolution. DSCI work in cloud computing domain encompasses key learning around the critical challenges of regulation, security & privacy aspects, and overarching governance issues in the cloud. DSCI has been actively involved in the study and analysis of the policy direction of governments worldwide, including contributions to develop international cloud standards. Our Policy recommendations have included the creation of assurance mechanisms and clarification of existing laws.

  • DeitY has recently created a model for provisional empanelment of cloud service providers so that the government department and agencies can leverage cloud services for their use. A more robust framework is work under progress.
  • Prepared a discussion paper on ‘Data Localization’ based on the DSCI-BSA Workshop held during Best Practices Meet (BPM) 2014
  • Revival of DeitY Working Group on ‘Cloud Policy Framework of India under the chairmanship of Mr. Kiran Karnik, to conceptualize and develop a comprehensive framework for cloud policy in India. DSCI presented perspective on policy and legal issues in cloud computing, including matters related to data localization.
  • Member of the Working Group (WG) setup by DeitY to assist the government in formulating cloud policy. The WG was constituted under the chairmanship of Mr. Kris Gopalakrishnan, Executive Co-Chairman, Infosys. DSCI prepared two white papers namely ‘Government's Policies on Cloud’ after studying the studying the policies of the US, the UK, the EU, Japan and Australia; and ‘Global Standards for Cloud Computing’ after studying standards that have been developed or are under development globally, covering countries such as the US, Japan, the EU, Germany and Australia among others
  • Organised Best Practices meet themed on ‘Business adoption and the Convergence of Mobile and Cloud in a Global Context’
  • DSCI led a breakthrough track on ‘Globally Distributed Processing and Data Storage (the “Cloud”) at Worldwide Cybersecurity Conference organised by East West Institute (EWI)
  • Presented at National Seminar on Information Security in Cloud Computing and Implications for SMEs. DSCI proposed recommendations for user organizations, cloud service providers and government to overcome the identified challenges
  • Presented views at ‘NASSCOM Mobility and Cloud Summit’ on different data protection regulations of other countries and their impact on cloud computing, specifically highlighting the EU Adequacy of India, as part of the ongoing India-EU FTA negotiations and implications for the IT-BPM industry challenges faced by industries in cloud adoption.
  • Member of Carnegie Mellon University’s Cloud Services Measurement Initiative Consortium (CSMIC) and provided security and privacy related inputs which will help businesses ascertain and compare capabilities of cloud service providers.