#CIO – French Trusted cloud: Can we trusted it ?
Marc Mencel
#Cio #Governance #Carve-out #Digital #Transformation #IS #Innovation #BusinessPartner #TeamPlayer #Enabler #ProgramManagement #DSI #Gouvernance #SchemaDirecteur #DirectionProgrammes #ERP #CRM #PLM #Data #Supply Chain
The #TrustedCloud refers to an approach to cloud computing that emphasizes security, data protection, regulatory compliance, resilience, and transparency. It aims to provide businesses and organizations with a cloud environment in which they can trust to store, process, and manage their sensitive and critical data.
French Trusted cloud: Can we trusted it ?
There is currently some skepticism about the trusted cloud and existing French and European offerings. Questions about hosting and securing user data and sensitive administrative data arise for CIOs. The HDS certification is often quickly dominated by American companies like AWS, Oracle, and Microsoft. In such cases, it becomes challenging to determine the ownership of data and whether their security and confidentiality can be fully guaranteed.
It appears that, to date, there is no comprehensive solution in France to address all the needs that a CIO faces. Local offerings more closely resemble infrastructure hosting, IaaS, or a rudimentary form of PaaS. They fall short of the level provided by managed services from global operators like AWS, for instance, even with companies like OVH. One has to reconstruct some of the services offered by global cloud providers, contributing to increased costs and project duration.
?
As for S3ns (provide by Thales and Google) and Bleu (provide by Capgemini, Orange, and Microsoft Azure), CIOs agree that while the leadership of these alliances is indeed French, their software stacks still rely on American technologies. Therefore, these approaches do not fully address the potential issue of data being accessed by the U.S. government.
?
领英推荐
Key aspects of the Trusted Cloud include:
·???????? Data Security: Robust data protection, including measures such as encryption, access control, and activity monitoring.
·???????? Regulatory Compliance: Adherence to standards and regulations regarding data protection, privacy, and security, tailored to the specific requirements of each industry or region.
·???????? Resilience: The ability to maintain continuous operations, even in the event of incidents, with strong business continuity plans.
·???????? Transparency: Clear provision of information on how data is processed, where it is stored, and what measures are in place to ensure its security.
·???????? Trust in Business Relationships: Establishment of a trusted relationship between the cloud service provider and the client company, based on transparency, reliability, and compliance.