Cloud certification to foster digital transformation management in public administrations

Abstract

Public administrations are struggling with the adoption of cloud computing and face more severe challenges in the management than corporations due to special requirements regarding data protection and security. Certification of cloud services is the most promising method in overcoming the current issues. However, this paper examines that existing certificates for cloud service providers don’t match the requirements of public administrations. The analyzed cloud certificates focus strongly on the information security management. But they only have a general look on data protection management. The missing focus on the special requirements of public administrations with regards to geo location of servers, the US cloud act, and especially prevention of foreign state access of PII data (personally identifiable information) is most critical for the use in public administrations. This article shows that a FedRAMP equivalent certification process combined with a European cloud certificate especially designed for the public administration could be the trigger to a successful and faster cloud implementation in the public administration sector in Europe that is currently underdeveloped. Furthermore, the large market with millions of buying public administrations in 27 European Union countries would create attractive business opportunities for private cloud providers, foster the development of new applications and serve the strategic goal of data sovereignty.