blog Fascinating news arrives courtesy of iTNews (which does great cloud computing reporting) that the Australian Prudential Regulatory Authority appears to be shifting its historically antagonistic stance towards cloud computing technologies.
Those with long memories will remember APRA — which regulates Australia’s financial services organisations, such as banks and insurance groups, has previously issued warnings about cloud computing, warning that the “innocuous” nature of such services could mask hidden concerns about offshoring. However, in a speech reported by iTNews this week, APRA appeard to take a more granular approach to cloud computing — a data management guide pending and the group’s head of IT risk David Pegrem noting:
“The number one step is to understand and to be able to classify your data in order to understand what data is going out [to third-party service providers] and what level of sensitivity has to do with that data.”
This more practical approach from APRA to cloud computing reflects the approach which the banks are starting to take themselves. A few weeks ago, Westpac revealed, for example, that it was recently able to host some data in Microsoft’s Azure public cloud because no identifiable customer information had headed offshore.
As I wrote a few weeks back, the debate around cloud computing in Australia is becoming more granular and tactical — as organisations gradually shift to a more mature understanding of this new class of technologies. In some ways, this is not a revolution; but an evolution; not a black and white scenario, but one of shades of grey. It’s good to see some recognition from APRA of this fact.