Singapore – The Infocomm Media Development Authority has recently released advisory guidelines outlining recommended measures for Cloud Service Providers (CSPs) and Data Centre (DC) operators in Singapore. These guidelines aim to strengthen service resilience and security as well as reduce disruptions and their potential impact on the economy and society.
According to the institution, the guidelines provide the best practices to address risks associated with cloud services and data centres. This ranges from misconfigurations in technical architecture to physical hazards such as fires, water leaks and cooling system failures, as well as cyberattacks.
The key measures which the guidelines further recommend CSPs and data centre operators implement encompass risk assessment, business impact analysis, business continuity planning, and cybersecurity measures.
For cloud services, the institution said that the guidelines cover seven categories of measures to uplift the security and resilience of Cloud Services. CSPs are also encouraged to adopt best practices in areas such as security testing, user access controls, data governance, and disaster recovery planning.
It also equips data centre operators with a framework to enhance business continuity management, reducing service disruptions and ensuring high availability. This includes establishing effective policies, controls, and processes, with an emphasis on ongoing improvements and cybersecurity risk mitigation.
These are additional steps to enhance the resilience and security of cloud services and data centres, following the amendments to the Cybersecurity Act last year to address the cybersecurity risks of such digital infrastructure. Said guidelines complement the upcoming introduction of a new Digital Infrastructure Act (DIA), which will regulate systemically important digital infrastructure such as major CSPs and data centre operators.
Meanwhile, IMDA noted that the guidelines will be regularly updated to reflect technological advancements, lessons from past incidents, and industry insights. More specifically, companies offering digital services are especially encouraged to conduct risk assessments and establish business continuity plans to minimize the impact of service interruptions on their customers.
The latest release highlights the critical role of adopting the right practices to minimise disruptions as well as to enhance the resilience and security of cloud services and data centres across the country.
