The Information Technology Organization of Iran (ITOI), the government body that develops and implements IT services for the country, is looking for suppliers of cloud computing.
The org recently posted a notification of its desire to evaluate, grade, and rank cloud players to assess their suitability to host government services.
At the end of the exercise, the organization hopes to have a panel of at least three cloud operators capable of handling government services.
The government agency will base its assessments on compliance with standards such as ISO 27017 and ISO 27018, which define controls for secure cloud computing and protection of personally identifiable information.
ITOI also expects companies that participate in its evaluation to be compliant with the NIST SP 800-145 definition of cloud computing.
Yes, Iran recognizes that NIST – the USA’s National Institute of Standards and Technology – despite regarding America as a trenchant enemy.
ITOI has cast the net wide, by seeking cloud operators with the capacity to deliver IaaS, PaaS, or SaaS. Service providers that deliver private, public, hybrid or community clouds are also welcome, as are service providers who specialize in security, monitoring, support services, or cloud migration.
Organizations that pass ITOI’s tests will earn a “cloud service rating certificate” that makes them eligible for inclusion on a list of authorized cloud services providers.
The Register reminds readers that many jurisdictions have made doing business with Iran an offense.
The story behind this story may also be of interest because The Register’s Asia-Pacific desk tracks ITOI’s RSS newsfeed, which for many months did not publish any updates.
That changed after Iran closed its internet to prevent cyberattacks during the 12-day war with Israel and the USA. Once the conflict ended, the RSS feed sprang back to life. ®