Cloud Office and PTA Working on Security Guidelines for Registration of Cloud Service Providers

The Cloud Office established in the MoITT is working with PTA on the preparation of security guidelines required for the registration of Cloud Service Providers in the country.

The Cloud Office established in the Ministry of Information Technology and Telecommunication (MoITT) is working with Pakistan Telecommunication Authority (PTA) on the preparation of security guidelines required for the registration of Cloud Service Providers (CSP) in the country.

According to sources in the MoITT, the preparation of security guidelines is a sensitive issue. PTA has experts in the field who are assisting the Cloud Office in the preparation of these guidelines. Sources also claimed that Office in collaboration with PTA will prepare security guidelines for the registration of cloud service providers within a month.

According to MoITT officials, the cloud-first policy mandates to define security baselines, based on domestic and international standards, for different cloud models designated to host different data classes for Public Sector Entities.

The Cloud Service Providers (CSP) and the Public Sector Entities (PSE) must maintain utmost integrity to protect the data and meet the security requirements set forth by the Office. The failure to satisfy any of the liabilities or obligations shall constitute a breach. Any data breach must be disclosed to the Cloud Office as soon as the breach is discovered. Cloud Office as determined in applicable regulations, may seek incident reports and determine appropriate response measures.

In addition to meeting baseline security standards, audits and security monitoring mechanisms must be in place to ensure cloud services meet the data integrity, confidentiality requirements and that there have been no data breaches, and that the data and workloads are continuously available, the official added.

The sources also revealed that along with security guidelines the Office is also working on cost, interoperability, availability, and other parameters. The provinces are preparing their framework for the adoption of the Cloud First Policy, after which a cloud board will be formed at the Federal level, which will be headed by the Federal Secretary, MoITT.

This news was originally published by Pro Pakistani.