However, with the EU examining processes involving the transfer of data and the UK Government looking to pass the Data Retention and Investigatory Powers Bill, Cloud Service Providers (CSPs), and consequently end-users, could be impacted by any new legislation or regulations that are announced.

It means that CSPs are likely to be examined to determine how they handle the transfer of data through Europe – and the rest of the world. 

If poor processes are found to be in place, then the potential for restrictive regulation could slow adoption and innovation. So CSPs across the market should take steps to make services transparent and to have relevant accreditations in place.

“IDC has recently predicted that the cloud computing market will increase by 23 per cent by 2018, and while there is likely to be an increase in the adoption of cloud services, CSPs must be in a position to show exactly how and where the data of their clients is handled and stored if they are to capture part of this growing market,” explains Barry Holder, Information Security and Compliance Manager at Outsourcery.

“It is more important now than ever before for CSPs to make their services transparent and to make sure they are certified against the relevant industry accreditations,” Holder continued. “The Cloud Industry Forum’s (CIF) Code of Practice is one example of a certification that enables CSPs to demonstrate that they meet specified standards around transparency, accountability and capability, whilst also giving CSPs benchmark best practices for how they should be handling information. 

“The ISO 27001 standard is also an excellent foundation for CSPs looking to understand the data they hold and implement the relevant Information Security controls.

By Shané Schutte