Cloud, Security & Government: What's coming?

Mohammad Zaman is an experienced IT strategist with decades of experience on Governance framework, business revenue and IT cost alignment with optimal resource utilization.  He is also one of the co-founders of Cloud Camp Bangladesh. He briefly shared his concerns about Govt. cloud with The Daily Star:

What are the difference between last year and this year's Digital World?

Zaman: This year's Digital World event is much better and much more interesting compared to last year. Last time there were same pre-built kiosks, so the companies weren't able to showcase their creativity. But this year they got to customize their kiosk. So that's a start. This year's sessions were really good. The speakers and session topics were really interesting,  certainly got me psyched. I also noticed three major tech events last year. All the events that took place over the last one year covered the concept elements. Now this year, we are seeing tons of activities - all of which have matured a lot. In addition to that, I am seeing ICT Division and Access to Information (a2i) program of the government has accelerated various initiatives which are really positive.

Government is increasingly taking steps to go cloud. How are they addressing the security issue of cloud?

Zaman: In the last 2-3 years we have seen the growth of cloud based services both globally and locally. We are seeing more and more users are going cloud everyday for the ease of access and reducing hardware overhead costs.  This trend is certainly good news. But the greatest news is government's initiative to go cloud. We have already seen a huge amount of smartphones in the market. So the users are more or less ready, now the government has to take steps to ensure that they have the right kind of cloud infrastructure ready. Govt. now should have a national policy about how they want to handle data of each segment. This is where the term data-governance comes to play. Data governance is basically the way how the data are governed with the storage structure. To do that, first you need to identify the types of data you are handling. After identifying them, a developer will understand which data is classified as sensitive and which isn't. Now after understanding the nature of data, a policy should be on place to understand how these data are treated. Various European countries have already developed policies. So all we need to do is rewrite those policies according to our standards. I am sure a2i and ICT division are already working on these. As soon as we have these policies we will be securing our cloud storages in no time.