I previously wrote about the misconception that the cloud sector needs standards, when in fact there are plenty of standards already. The UK Cloud Industry Forum‘s code of practice has been in operation since 2009 (disclosure – I chair the governance board that oversees the code of practice). The European Union Agency for Network and Information Security (Enisa) has just approved the CIF code of practice for inclusion on its list of reputable cloud-focused certification schemes which carry the logo above. This ties in neatly with research by CIF that shows that 84% of UK businesses are using cloud services in their organisation.

As cloud adoption continues to grow, I regularly advise providers and customers on how to address common concerns in the cloud sector. For example, data security, data location, “as is” service, liability exclusions, service credits. The code of practice – and its recognition in the Cloud Certification Schemes List – doesn’t directly solve these concerns but it helps build trust in the cloud sector. Another good reason to read that cloud contract more closely…