Vertical cloud: a dream for highly regulated industries?

Vertical cloud: a dream for highly regulated industries?

Cloud computing is being widely adopted by many businesses, however, for some organisations, one of the perceived barriers is the multitude of data regulation. Highly regulated industries such as finance and healthcare have a multitude of laws and rules governing data.

For these industries, data ownership is a highly sensitive and extremely important issue which makes implementing cloud technology complex and difficult. For those wanting to take advantage of the benefits of cloud computing, could the answer lie in creating a vertical or community cloud?

A vertical cloud would be a public cloud developed and delivered with regulations and compliance geared towards a particular sector. For example, a dedicated healthcare cloud could be created which followed the UK laws regarding patient data.

Staying compliant

For the finance sector, a cloud which specifically adhered to finance regulations would make moving to the cloud easier because it reassures businesses they'll be compliant with the relevant industry standards in terms of use of the cloud. In addition, in terms of compliance, one compliance officer or team could support multiple companies to advise them on how to comply with finance regulations.

If they used a vertical cloud it would be quicker and easier for organisations to account for data handling and adhere to regulations. Additionally, it would be easier to standardise audits so that customers of the 'community' or vertical cloud could rely on one audit rather than each have to carry out individual audits themselves. This approach would decrease security risk and cost.

So, how would a vertical cloud be created, and who would monitor it? An industry body or collective who works with each industry would be highly suitable. For example the Quality Care Commission, one of the UK Government bodies responsible for healthcare regulation would be suitable as it has in depth knowledge of what is needed for IT regulation in the healthcare industry.

As regulatory bodies for the UK's financial services providers, the Financial Conduct Authority (FCA) or the Prudential Regulation Authority (PRA) would be well placed to oversee the creation of a vertical cloud in this sector.

Integration

In order to develop the cloud, members of the industry body would need to decide on what regulations should be 'built into' the cloud. For example should the vertical cloud focus on just the UK regulations? Of course EU regulations would also have to be taken into account along with any international rules or laws specific to that sector, for example the US regulation HIPAA which has a global remit.

This stage of development would need to be completed in conjunction with cloud providers in order to ascertain what would be technically possible. It could lead to certain providers specialising in delivering cloud solutions for one sector. This would provide reassurance for customers and potential customers that the cloud provider is compliant specifically for their sector.

A vertical cloud is a feasible option if industry bodies, service providers and key potential customers work together to create it. Knowledge sharing would be key to creating a successful vertical cloud and would benefit customers and services providers alike.

If this was achieved it could significantly accelerate cloud adoption and reverse the current situation where highly regulated industries avoid widespread use of cloud because of regulatory concern. In the future, rather than choosing to keep such services in-house, using a specialised cloud services provider could become the preferred route for some industries to comply with a web of regulation.

These suggestions are considerations at this stage, but a vertical cloud is an option. Highly regulated industries could do well to seriously consider this approach and start to drive discussion in their industry in order to make it a reality.

  • Ali Parvin has 20 years experience in the legal field, working as a solicitor at a law firm as well as in-house and is now Senior Legal Counsel at Dell.
Latest in Pro
Cybersecurity
Why OT security needs exposure management to break the cycle of endless patching
Employees sat around together discussing business issues.
AI deregulation: what smart leaders do when the rules go off the rails
Branch office chairs next to a TechRadar-branded badge that reads Big Savings.
This office chair deal wins the Amazon Spring Sale for me and it's so good I don't expect it to last
Saily eSIM by Nord Security
"Much more than just an eSIM service" - I spoke to the CEO of Saily about the future of travel and its impact on secure eSIM technology
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
FlexiSpot office furniture next to a TechRadar-branded badge that reads Big Savings.
Upgrade your home office for under $500 in the Amazon Spring Sale: My top picks and biggest savings
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring