DSCI organized a workshop on Cloud Data Governance at India Habitat Centre, New Delhi. The aim of the workshop was to deliberate on data governance and data classification. The workshop focused on deriving outcomes to help government departments and agencies get acquainted with guidelines, international best practices, strategies and techniques in their journey towards Cloud adoption.
It also synthesised government and industry inputs to work towards formulating a robust framework to help government agencies evaluate and adopt the most appropriate cloud based solution. The key note speaker was Ian McCormack, a UK Government expert and currently Technical Director for Applied Risk, CESG, UK. Ian had helped to formulate the Data Classification strategy for the UK Government which enables UK Government agencies select the appropriate cloud solution. The workshop was supported by Microsoft India.
With Digital India gaining traction and Government of India’s Cloud (GoI) initiative- ‘Megharaj’ advocating adoption of cloud technology, challenges related to management of data, usability, integrity, and security need to be overcome. When it comes to cloud service providers, implementing critical controls and safeguarding data they store becomes difficult in the absence of appropriate data governance and data classification frameworks.
Data classification helps cloud service providers to offer services and safeguard information depending on the sensitivity of data. Currently, in the absence of a well-defined framework, organizations find it challenging to select appropriate cloud services suited to their requirements. Recently DeitY formulated an accreditation framework for Cloud Service Providers to enable government department and agencies choose Cloud services from a list of accredited service providers.
Addressing the workshop participants, Nandkumar Saravade, CEO, DSCI, said, “Cloud data governance has been under discussion for long; however its practical implementation has continued to confuse and perplex many organizations. As safeguarding data and information becomes a top priority for businesses and the governments globally, it is essential to ensure that there is a synergy between the Government agencies and industry to ensure a safe and secure environment for Cloud services adoption. Knowledge and experience sharing through such Workshops plays a constructive role in building a much-needed framework for the adoption of Cloud services, beneficial to all the stakeholders in the Cloud ecosystem.”
Speaking on the occasion, S.Chandrasekhar, Group Director, Government Affairs & Public Policy – Microsoft India said “Cloud technologies are here to stay and organizations around the world have no option but to change their strategies to leverage cloud technology. Cloud technology offers unprecedented scalability, speed of deployment, pay per use and significant cost benefits. It is computing on tap, just like our electricity connection at home. Governments handle a huge amount of data but only a miniscule percentage of this data is extremely sensitive. Government’s usually cautiously before adopting Public Cloud due to concerns of privacy, security, data sovereignty. A majority of Government data is non sensitive and publically available. It is also accessible through websites, search engines, RTI and social media. Governments can therefore leverage the enormous benefits of the public cloud for non-sensitive data and benefit from add-on services like analytics. For this to happen, there needs to be robust data classification guidelines which help departments classify their data properly in order to adopt the appropriate solution and service. India has the opportunity to learn from the best practices of other countries. I complement DSCI for playing a catalytic role in bringing together Government and industry to help evolve a data classification schema for India.”
Ian McCormack, Technical Director for Applied Risk, Public Sector Service, CESG said “The UK Government has undertaken much reform to how we work and technology we use. We have simplified how we classify information to include a single “OFFICIAL” that is appropriate for vast majority of information held. A key of “OFFICIAL” is to enable much greater use of modern functional and cost effective technology, and this off course includes cloud.
Security is often seen as a barrier to cloud adoption but is rarely well understood. In the UK we have adopted a framework based on ‘security principles’. This helps organisations to assess their true security needs for cloud, and then make an objective assessment of how well cloud based services meet those needs. I have been delighted to share some of this work and what we have learnt with the India Government.”
