The Ministry of Electronics and IT on Thursday issued guidelines on setting up of IT infrastructure by government departments using cloud computing technology with a clause mandating that all data must be stored within the country.
The guidelines for government departments on contractual terms related to cloud services said since the data can be located in one or more discrete sites in foreign countries, therefore, the condition for data location has to be specifically mentioned in the agreement with the service provider.
"The terms and conditions of the Empanelment of the Cloud Service Provider has taken care of this requirement by stating that all services including data will be guaranteed to reside in India," the guidelines said.
The cloud computing service enables its user to hire or use software, storage, servers as per requirement instead of purchasing the whole system.
MeitY has empanelled 11 companies for providing cloud computing services to government departments which include Microsoft Corporation, Hewlett Packard, IBM India,Tata Communications, Bharat Sanchar Nigam Limited (BSNL), Net Magic IT Services, Sify Technologies and CtrlS Data Centers.
Cloud computing can help government departments expand capacity of their IT system as per need and even for short period and quickly start any online service.
The cloud computing system can be of help to departments specially in handling sudden load of web traffic generated to access their websites like in case of train ticket booking, form filling or tax submission on a last date etc.
"...the department is required to move away from the traditional fixed payment model to a variable pricing / utility pricing model where the department pays for the resources it actually uses during that period. The payment terms have to be structured accordingly to pay only for the resources used by the department," a separate set of guideline issued for cloud services procurement said.
The guidelines on cloud computing follows MeghRaj Policy (cloud policy) to provide strategic direction for adoption of cloud services by the government.
The aim of the cloud policy is to realise a comprehensive vision of a government cloud (GI Cloud) environment available for use by central and state government line departments, districts and municipalities to accelerate their ICT-enabled service improvements.
As per the guidelines, both cloud service provider (CSP) and government department will have to share responsibility for the managing services provisioned using cloud computing facility.
"The CSP's part in this shared responsibility includes providing its services on a highly secure and controlled platform and providing a wide array of security features customers can use. The departments' responsibility includes configuring their IT environments in a secure and controlled manner for their purposes," the guideline said.