Under the Pakistan Cloud First Policy, the Ministry of Information Technology and Telecommunications has announced the establishment of an Interim Cloud Office.
The interim cloud office has been formed for a duration of six months, according to the MoITT statement. Syed Junaid Imam, Member IT, has been given additional responsibility for DG Cloud, while Muhammad Bilal Abbasi, Director IT, has been given additional responsibility for Director Cloud Adaption.
Muhammad Ayub, Director Legal, will serve as Director of Legal and Procurement, while Muhammad Jahanzeb Rahim, Director Telecom Wireless, will serve as Director Audits. Aalishan Akhtar, Senior Manager Infrastructure MoITT, has been promoted to Director Infrastructure and Operations. For the temporary structure, Mudasir Abbasi will serve as Joint Director Audits, while Muhammad Babar will serve as Joint Director Cloud Adaption.
This interim structure has been formed for a period of six months, according to the Ministry of IT and Telecommunications. A permanent cloud office will be established in the ministry after six months. The Ministry of Information Technology and Telecommunications has written to establish a division to create permanent positions for cloud offices. Following approval from the establishment division, the hiring process for the permanent cloud office will begin.
The Ministry of IT and Telecommunication’s Cloud Office will be in charge of establishing a baseline, intermediate, enhanced, and maximum security ToRs in accordance with domestic and international benchmarks.
The Cloud First Policy directs the Cloud Office to establish security baselines for distinct cloud models authorized to host different data classes for Public Service Entities, based on domestic and international standards.
According to the PFCP, Cloud Service Providers and Public Service Entities must maintain the highest level of integrity in order to secure data and meet the Cloud Office’s security criteria. A breach occurs when one or more of the liabilities or obligations are not met. Any data breach must be reported as soon as it is found to the Cloud Office.
According to applicable laws, Cloud Office may request incident reports and establish appropriate reaction measures.