Pakistan ministry registers cloud providers to bolster data security
Translated from English, summarized and contextualized by DistantNews.
At a glance
News
Named sources
New plan
- Pakistan's Ministry of Information Technology and Telecommunication is registering cloud service providers to ensure data security and meet standards under the Pakistan Cloud First Policy.
- Strict security criteria, including third-party audits, are required, with sensitive data mandated to be stored on servers physically within Pakistan.
- The policy aims to secure national data, facilitate cloud adoption in the public sector, and conserve foreign exchange by promoting local services.
Pakistan's Ministry of Information Technology and Telecommunication (MoITT) has initiated the registration of cloud service providers (CSPs) to enforce adherence to required standards and protect national and public data. This move aligns with the government's Pakistan Cloud First Policy (PCFP), which mandates strict accreditation criteria for CSPs.
To ensure robust data security, CSPs must undergo rigorous security checks and audits by third-party auditors registered with the Pakistan Computer Emergency Response Team (PKCERT). A key provision of the policy ensures that sensitive Pakistani data is stored on servers located within the country, bringing it under Pakistan's legal jurisdiction. Furthermore, the PCFP requires all public sector entities to utilize cloud services for new IT projects, moving away from costly, separate data centers.
For the first time, the policy ensures that Pakistanโs sensitive data is stored on servers physically located within the country, which will help keep national data under Pakistanโs legal control.
Minister of IT Shaza Fatima highlighted that provinces have adopted their own versions of the policy to align with the federal government. The MoITT has established a 'Cloud Office' to manage the federal and provincial cloud policy model and facilitate cloud adoption across the public sector. Specialized 'Cloud Acquisition Offices' will also be set up in provinces to assist departments in safely and quickly procuring necessary cloud services.
An MoITT official emphasized that CSP registration is crucial because clients, both governmental and private, often lack awareness of the security standards employed by providers. Monitoring investments in cloud services is also a priority to prevent resource wastage from excessive spending beyond actual needs. The ministry's report also points to the potential for local cloud services to conserve foreign exchange reserves by reducing spending on imported IT services, keeping funds within the domestic economy. A 'Cloud Board,' led by the IT Secretary and including provincial representatives, will oversee the policy's coordinated nationwide implementation.
Under the PCFP, all public sector entities (PSEs), including federal and provincial departments, are required to use cloud services for any new IT project instead of building their own separate, expensive data centres.
DistantNews Editorial
Originally published by Dawn in English. Translated, summarized, and contextualized by our editorial team with added local perspective. Read our editorial standards.
More Stories
From Our Blog
What Gets Lost (and Found) When News Is Translated
The Critical Role of Diaspora Media in Global News
What Travellers Should Know About Countries with Restricted Press
A Digital Nomad's Guide to Following Local News
How the Same Story Looks Different in Different Countries
