India needs hacking free cloud service

India needs hacking free cloud service
x
Highlights

While the world is witnessing cloud data breach incidents more often --micro-blogging website Twitter being the latest one -- and governments the world over are looking for ways to ensure data security, India has also joined the chorus for a safe, secured cloud experience.

While the world is witnessing cloud data breach incidents more often --micro-blogging website Twitter being the latest one -- and governments the world over are looking for ways to ensure data security, India has also joined the chorus for a safe, secured cloud experience.

The Telecom Regulatory Authority of India (TRAI) this month issued a consultation paper on cloud computing, inviting the stakeholders to join the debate on how to implement a secured cloud service. The fact is: Practically no work has been done in India till date on having an adequate legal framework to deal with cyber security and data security on the Cloud.

“A lot more work needs to be done in terms of protecting and preserving security of cloud data for the businesses and companies whose data is being stored on cloud servers in foreign shores,” says Pavan Duggal, one of the nation’s top cyber law experts.

The Indian Telegraph Act, 1885, is completely silent in the context of cloud computing. The Information Technology Act, 2000, has not addressed issues pertaining to cloud computing. According to the cloud service providers, cyber security is now a boardroom discussion and has emerged to be a key concern for IT and business managers alike.

“While there are concerns around data security in India, a lot of the technologists in the country are quite skilled and are aware of what needs to be done. By following practices such as segregation of duties, on-disk encryption, data redaction and robust identity management, India can tackle security constraints well,” explains Shailender Kumar, Managing Director, Oracle India.

The real security issue is when customers take older products that were not built for the Internet, rack them and put them on the Internet. Cloud computing accounted for about 33 percent of the total IT expenditure in 2015 across the world. In India, the overall cloud computing market reached $1.08 billion by the end of last year and IT/ITeS, telecom, manufacturing and government sectors contributed the largest to this.

“Cloud service providers need to ensure secured, hacking-free services for Indian companies. This can be done by adopting latest international standards on cyber security. Further, all cloud service providers are intermediaries and are required to implement and maintain reasonable security practices and procedures while dealing with, handling or processing sensitive personal data in the cloud,” says Duggal. The Indian law has already stipulated ISO 27001 as a standard for intermediaries who are dealing with, handling or processing sensitive personal data.

The legal, policy and regulatory issues pertaining to cloud distinctly need to be addressed by appropriate national legislation, feel experts. Internet jurisdiction is one of the major legal challenges in the context of cloud computing as in a majority of times, the hardware of the cloud where third party data is located, is often placed outside the territorial boundaries of the relevant national laws.

By: Nishant Arora

Show Full Article
Print Article
Next Story
More Stories
ADVERTISEMENT