CISPE Launches Cloud Switching Framework for EU Data Act Compliance

As companies continue to navigate the ever-evolving landscape of cloud computing, a new framework has been introduced by Cloud Infrastructure Service Providers in Europe (CISPE) to promote multicloud adoption and ensure compliance with the European Union’s stringent Data Act. This timely initiative is designed to address growing concerns about data portability and the potential for vendor lock-in, providing guidelines and technical specifications to assist vendors in meeting the EU’s upcoming regulatory requirements. The EU Data Act, enacted in January 2023, sets forth a comprehensive framework for data privacy, sharing, and portability, giving vendors 20 months to comply, with enforcement slated to begin in September 2025.

The Cloud Switching Framework

At the heart of this initiative is the Cloud Switching Framework, which is a pivotal tool designed to facilitate the seamless movement of data between different cloud providers. This framework assists vendors in demonstrating their compliance with the critical aspects of the EU’s Data Act, particularly those related to cloud data portability. By enabling cloud providers to generate automated verification credentials, the framework ensures adherence to the new standards, making it easier for companies to switch between cloud services without being tethered to a single provider.

The introduction of the Cloud Switching Framework is significant not just for its technical specifications but also for its broad implications. With machine-readable verifiable credentials, cloud providers can offer higher transparency regarding the movement of workloads. This aligns with the objectives of the Data Act, which aims to harmonize data access policies across vendors and prevent vendor lock-in. These steps are crucial as they enable companies to be more agile, adopting hybrid and multicloud strategies that are increasingly necessary in today’s dynamic business environment.

Collaboration and Impact

CISPE’s efforts in developing the Cloud Switching Framework were bolstered by collaboration with Gaia-X, another prominent EU-based advocacy group focusing on data and cloud standards. Together, these organizations laid down specifications anchored on five key pillars. These include providing clear information on switching procedures, data formats, costs, and technical limitations; creating channels for notifying vendors of switching requests and tracking them; offering secure data migration tools; establishing clear contract termination procedures; and affirming in vendor contracts the customers’ rights to move workloads between different clouds.

Several industry heavyweights, including AWS, have shown their support for the framework as key members of CISPE since its inception in 2017. Their endorsement is a testament to the framework’s utility in simplifying compliance processes and promoting a more interconnected cloud ecosystem. Additionally, smaller cloud service providers like Italy-based Deda.cloud emphasize the framework’s role in fostering innovative multicloud solutions that could lead to more flexible and efficient compliance with the Data Act.

Wider Implications and Future Prospects

As companies continue to navigate the ever-evolving landscape of cloud computing, the Cloud Infrastructure Service Providers in Europe (CISPE) have introduced a new framework promoting multicloud adoption and ensuring compliance with the European Union’s stringent Data Act. This timely initiative addresses growing concerns about data portability and the potential for vendor lock-in. It provides guidelines and technical specifications to assist vendors in meeting the EU’s upcoming regulatory requirements.

Enacted in January 2023, the EU Data Act sets forth a comprehensive framework focusing on data privacy, sharing, and portability. The Act mandates that vendors comply within 20 months, with enforcement beginning in September 2025. By establishing clear guidelines, CISPE aims to facilitate smooth transitions for companies, ensuring they can operate in a multicloud environment without compromising data security and compliance. The initiative is crucial, as it helps businesses adapt to regulatory changes while promoting innovation and flexibility in cloud service usage.

Explore more

Digital Transformation Challenges – Review

Imagine a boardroom where executives, once brimming with optimism about technology-driven growth, now grapple with mounting doubts as digital initiatives falter under the weight of complexity. This scenario is not a distant fiction but a reality for 65% of business leaders who, according to recent research, are losing confidence in delivering value through digital transformation. As organizations across industries strive

Understanding Private APIs: Security and Efficiency Unveiled

In an era where data breaches and operational inefficiencies can cripple even the most robust organizations, the role of private APIs as silent guardians of internal systems has never been more critical, serving as secure conduits between applications and data. These specialized tools, designed exclusively for use within a company, ensure that sensitive information remains protected while workflows operate seamlessly.

How Does Storm-2603 Evade Endpoint Security with BYOVD?

In the ever-evolving landscape of cybersecurity, a new and formidable threat actor has emerged, sending ripples through the industry with its sophisticated methods of bypassing even the most robust defenses. Known as Storm-2603, this ransomware group has quickly gained notoriety for its innovative use of custom malware and advanced techniques that challenge traditional endpoint security measures. Discovered during a major

Samsung Rolls Out One UI 8 Beta to Galaxy S24 and Fold 6

Introduction Imagine being among the first to experience cutting-edge smartphone software, exploring features that redefine user interaction and security before they reach the masses. Samsung has sparked excitement among tech enthusiasts by initiating the rollout of the One UI 8 Beta, based on Android 16, to select devices like the Galaxy S24 series and Galaxy Z Fold 6. This beta

Broadcom Boosts VMware Cloud Security and Compliance

In today’s digital landscape, where cyber threats are intensifying at an alarming rate and regulatory demands are growing more intricate by the day, Broadcom has introduced groundbreaking enhancements to VMware Cloud Foundation (VCF) to address these pressing challenges. Organizations, especially those in regulated industries, face unprecedented risks as cyberattacks become more sophisticated, often involving data encryption and exfiltration. With 65%