Patterns of Trust: Role of Certification for SME Cloud Adoption

Abstract

Growth of cloud computing as a concept continues to pose challenges on how to deliver agile, yet secure, IT services to enterprises. While the hype surrounding cloud computing may have peaked, the concept of “cloudwashing” (adding the term “cloud” to an existing service for marketing reasons) continues to cause con-fusion and inflated expectations with enterprise buyers. This fear, uncertainty and doubt (FUD) just slows down the growth of a potentially larger market. This is especially true for small and medium sized businesses (SMEs) who turn to IT providers to handle the underlying systems for their businesses. To assist cloud service buyers, a recent communication from the European Commission advocated voluntary certification for cloud service providers. This has sparked a debate as to the relevance and authority of certification bodies in verifying the ability and capability of cloud service providers (CSP). In this research we are developing an exploratory model looking at signaling quality, the independence of certifying authorities, and impact of regulatory backing for trust of certification bodies, based on existing academic literature on standards adoption and trust. We are examining what role third party certifiers can play in adoption of cloud by SMEs, exploring the roles of certifiers in Europe already involved in market adoption to test our framework, together with four established cases of service providers seeking certification.