The European Commission adopts a new Cloud Strategy

On May 16th, the Commission’s Information Technology and Cybersecurity Board approved the new Cloud Strategy of the Commission. This is a major step forward in Commission’s cloud journey which started already in 2014. 

The strategy describes how cloud computing is shaping the future of IT within the Institution and is an enabler for the overarching European Commission Digital Strategy. At the heart of the cloud strategy is a cloud-first approach with a secure hybrid multi-cloud service offering.

The cloud strategy shapes how we see the future of IT within our organisation and is an important milestone in the delivery of the European Commission Digital Strategy, adopted in November 2018’’, said Gertrud Ingestad, Director-General of DG Informatics.

The strategy elaborates how the cloud is affecting the digital solutions, data ecosystem, digital workplace, IT infrastructure and, last but not least, the IT security services. It lists the lessons learned from the first cloud framework contract and addresses the governance challenges in order to use cloud safely and in full respect of the data protection regulations.

Cloud is not just about infrastructure. It has a profound impact on how we source, develop, run and secure IT solutions across DIGIT and beyond’’, said Philippe van Damme, Director of Digital Workplace and Infrastructure in DG Informatics.

At the core of the strategy is a cloud-first approach based on a secure hybrid multi-cloud service offering. “Cloud-first” implies that any new development should preferably be cloud-native, and existing information systems should be reassessed for transformation, rewriting or replacement within the context of the modernisation plans foreseen by the European Commission Digital Strategy, seizing the opportunities arising in the business and application lifecycle.

The strategy targets a cloud service offering for the European Commission that is:

• Secure by identifying and managing IT security risks and handling data in line with its classification, as well as compliant with data protection obligations of the European Commission;
• Hybrid by utilizing services both from public cloud providers as well as an on premise European Commission managed private cloud;
• Multi-cloud by not tying the European Commission to one public cloud provider and source from the cloud provider best suited to provide the requested service;
• Energy-efficient in line with the overall EU priority of lowering carbon footprint and with green public procurement policy.

You can read the European Commission Cloud Strategy here.