ICO Visit and a Quick Guide to Cloud Computing

Following a recent meeting the E-CINS Team had with strategic leads at the Information Commissioners’ Office (ICO) in Wilmslow we thought it would be helpful to run a feature on E-CINS as a cloud computing solution

To assist the reader we have clarified a few basic points:

Cloud provider – In the case of E-CINS this is Empowering-Communities as we are the organisation that owns and operates a cloud service.

Cloud customer – The organisations that use E-CINS.

Cloud user – The end user of a cloud service – for example practitioners that access E-CINS.

Software as a Service (SaaS) – As a SaaS cloud application E-CINS offers secure access to a complete software application which the authorised user accesses through a web browser. Accessing the software in this manner eliminates the need to install software on the client machine and allows the service to support a wider range of devices.

Cloud computing can be deployed using a number of different models. To help clarify the situation the ICO have defined the three main groups involved in the use and delivery of cloud services as:

1. Private cloud – The cloud customer is the sole user of the cloud service. The underlying hardware may be managed and maintained by a cloud provider under an outsourcing contract. Access to the cloud service may be restricted to a local or wide area network.

2. Community cloud – A group of cloud customers access the resources of the same cloud service. Typically the cloud customers will share specific requirements such as a need for legal compliance or high security which the cloud service provides. Access to the cloud service may be restricted to a wide area network.

3. Public cloud – The infrastructure, platform or software is managed by the cloud provider and made available to the general public (cloud customers or cloud end-users). Access to the cloud service is likely to be over the public internet.

E-CINS operates as a ‘Secure Community Cloud’ because access is restricted to specified organisations who require high levels of security and legal compliance