The Cloud Industry Forum’s (CIF) Code of Practice for Cloud Service Providers has been formally recognised by ENISA (the European Union Agency for Network and Information Security), having been added to its Cloud Certification Schemes List (CCSL). Joining only a handful of other Cloud certification schemes, the inclusion of the Code of Practice (CoP) further validates its value to the Cloud ecosystem.
The CCSL, which has been compiled and assessed by ENISA in collaboration with the European Commission and the Cloud Select Industry Group (C-SIG) on Certification, has been designed to help end users and CSPs determine which Cloud certification schemes fulfil their requirements and can offer the correct level of reassurance. Those schemes included on the CCSL have been found to meet the stringent standards set by ENISA, taking into account the security frameworks around which they are built, the auditing process, and the main characteristics of each scheme.
The addition of the CIF Code of Practice to the list confirms its value to the Cloud market, as end users seek to establish trust with their chosen CSPs, and means that the Code of Practice is a recognised industry best practice scheme for SME Cloud providers seeking to supply services across Europe. CIF now calls for end users to require the “CIF Certified” COP brand from all their Cloud suppliers.
Alex Hilton, CEO of the Cloud Industry Forum, said: “This is a major milestone for the Cloud Industry Forum and the broader Cloud community. There are no dedicated Cloud standards in the market, making it difficult for small business customers to identify trusted advisors. We hope this recognition will encourage more users of Cloud services to actively seek providers that are CIF-certified, and likewise more CSPs to seek certification. We have taken important steps in providing a foundation in what is a fast changing and, to many, a new technology sector.”
Ian Osborne, Member of CIF’s Code of Governance Board, commented: “We have worked very closely with ENISA over the last few months to ensure that the Code of Practice maps to the high standards set by the European Commission. It’s therefore incredibly encouraging to have received its seal of approval, confirming the CoP’s position in the fragmented Cloud standards arena. Furthermore, it marks a significant step for the Cloud Industry Forum Code of Practice, originally set up to help UK businesses gain confidence in suppliers, as this has now been adopted across the European Union.”
Richard Pharro, CEO of APM Group, the Cloud Industry Forum’s independent certification partner, added: “The Code of Practice was first established with the aim of driving levels of accountability, capability and transparency in the Cloud industry, which are all critical to the Cloud service contract. With the adoption of Cloud within businesses progressing at an incredibly fast rate, those key tenets of Cloud delivery are as important as ever. CSPs need to ensure they operate their businesses and services in a fully open and transparent manner where it is clear to their customers – existing and new – that they are trustworthy and capable of offering the services they claim to be able to offer. The CIF CoP is one of very few schemes which offers this much needed reassurance to end users regarding the organisations they choose to work with.”