ISLAMABAD: The Securities and Exchange Commission of Pakistan (SECP) has issued draft cloud adoption guidelines for the registered companies to secure their sensitive and secretive data from cyber attacks and digital leakages

However, all the business entities have to ensure that the selected cloud service providers do not offer the services through their data centres located in any hostile country such as India, Israel, etc.

The guidelines provide an easy and efficient procedure for transition to cloud computing and the companies will be able to get a clear understanding of the risks and benefits involved in moving to cloud compared to traditional computing solutions.

The draft guidelines placed at the website of the SECP has been based on Pakistan Cloud First Policy (PCFP) 2021, and the National Cybersecurity Policy 2021 issued by Ministry of IT & Telecommunication. The commission has invited feedback on draft guidelines by Aug 13.

The SECP has highlighted that the ‘secret’ information of the businesses requires highest level of protection from serious threats, whose breach will likely cause threats to life or public security, financial losses, serious damage to public interests, etc.

The SECP has said that ‘cloud’ offers a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet.

It has been suggested that there were several free cloud computing options also existed for emails, document management and even customer relations, etc.

At the same time the SECP has suggested the businesses to review services before deciding to buy them.

The SECP has said that building an information technology (IT) infrastructure can be complex and expensive for new and growing business entities, while limited resources, expertise, and time often constrains how much small and midsize enterprises are able to accomplish.

The corporate sector regulator has suggested that the cloud computing was a better option, which is a technological framework offering a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet, and the users do not require their own controlled hardware or software.

These resources are maintained and provided by cloud service providers, and the user can get access to these resources over the internet by paying nominal charges to the cloud service providers. Every business uses the services of cloud according to their scale.

Published in Dawn, August 3rd, 2021