Yes, security is a top-of-the-mind concern but some governments are nevertheless moving to the cloud. So can India
Deepak Kumar | October 17, 2014
The monsoon clouds that had arrived earlier this year would soon be retreating, marking the end of yet another cycle of rain. Meanwhile, the cloud (computing) direction papers that the government of India had brought out earlier this year are awaiting an effective formation.
Cloud computing seems to have moved quite a bit in terms of enterprise adoption ever since the government announced its cloud initiative termed GI cloud aka MeghRaj (megh being an Indian term for the rain clouds).
A recent survey by ICT market research and advisory firm Current Analysis shows that the cloud adoption at enterprises in India, at 68 percent, is actually comparable with that in the US market.
However, the government sector in India has lagged the corporate sector and federal initiatives in the US when it comes to embracing the cloud.
Government, the early-adopter
The US government has adopted a Cloud First policy, which means that various government agencies should first try to leverage cloud before embarking on other IT deployment models for their needs. Some of the notable developments include the $600 million cloud contract that CIA awarded to Amazon Web Services and the department of interior’s $10 billion plan to migrate IT operations to the cloud involving roles from the likes of IBM, AT&T, and Verizon.
Other forward-looking governments worldwide have also been at varying stages of their respective national cloud developments. Some of these include the UK, Australia, Japan and Singapore. In fact, Singapore’s G-cloud initiative has been much lauded as a programme that has helped improve agility of the government in providing G2C services while also helping it cut costs.
Perhaps the strongest endorsement of public cloud has come from US space agency NASA, which shut down its own private cloud Nebula in 2012 after concluding through a test where the public clouds scored better in terms of reliability and cost-effectiveness. Not that government agencies are all hunky dory about the public cloud in markets like the US; there are compliance and certification grounds that need to be cleared but then the progress is nevertheless taking place.
What corporates are doing
Cloud has gone mainstream across enterprises globally at a rate faster than one would have hoped for. But how are enterprises managing their IT security and privacy concerns when jumping onto the cloud?
The IT folks at enterprises have been known to be so painstakingly particular about IT security that they could at times risk being labelled as fastidious. Security and privacy concerns have long been rightly suspected as a key reason behind organisations’ resistance to the newer computing paradigms like cloud.
So it came as a bit of a surprise when a study at market research firm Current Analysis revealed that cloud adoption across enterprises in India with employee-size ranging from 100 to 10,000-plus was as high as 68 percent. Even more, India fared better than the Asia Pacific average, where the Cloud adoption hovered at 65 percent.
Before you could jump to a conclusion that these enterprises had shed away their “security” guards and embraced cloud by setting aside all inhibitions, consider this qualifier:
Indian organisations have opted largely in favour of private clouds and not the public clouds. These private clouds can be highly controlled IT environments and give enterprises a huge comfort in terms of adherence to their IT security policies and compliance requirements.
Interestingly, the study also notes that these private clouds have mostly been set up by IT service providers (the likes of TCS, IBM, HP, Wipro and Tech Mahindra), which have been long-standing and trusted partners for enterprises in India.
That relationship of trust also explains why Indian enterprises seem to be favouring IT service players over public cloud players or consulting companies when it comes to choosing partners for the deployment of cloud, big data, network security, enterprise mobility and other such various solutions.
Snapshot: Enterprise cloud adoption in India
Infrastructure as a Service (IaaS): 38 percent respondents said they opted for a single cloud service provider while 35 percent said they are using two service providers and another 8 percent said they have three service providers. Around 12 percent enterprises have even gone for four or more suppliers.
Platform as a Service (PaaS): Enterprises that had opted for one, two, three and more service providers, stood at 35 percent, 37 percent, 8 percent and 4 percent, respectively.
Software as a Service (SaaS): Enterprises that had opted for one, two, three and more service providers, stood at 35 percent, 29 percent, 25 percent and 10 percent, respectively.
Microsoft, IBM SoftLayer, HP, AWS, Google, Salesforce.com, Red Hat, Oracle and SAP lead the list of cloud service providers across IaaS, PaaS and SaaS market segments.
When moving a workload to cloud, security (62 percent) continued to be the biggest concern for enterprises, followed by data privacy (42 percent).
IT service providers were also preferred partners for managed network services, enterprise mobility, big data and analytics solutions. However, consulting companies like Accenture, Capgemini and Deloitte came close enough as preferred partners for implementing enterprise mobility solutions.
For managed secure network-to-cloud solutions, consulting companies were a close No. 2 as preferred partners and equipment vendors like Cisco, Avaya and Oracle were not a distant No. 3 either.
Data centre investments showed clear signs of falling behind on enterprises’ priority list, with a sizable 33 percent saying it was a last investment priority for them and a mere four percent said it was still a No. 1 investment priority. This finding alludes that enterprise priorities are moving from capex to opex model with cloud services being the highest investment priority for enterprises in India.
Public cloud adoption in India
Does that mean Indian enterprise will not be opening up to public clouds in the near future?
Well, while security concerns will indeed continue to weigh upon any cloud-related decision making, it could be naïve to assume that enterprises will chose to close their eyes to the benefits of public clouds.
Yet, it does mean that public cloud players like IBM SoftLayer, Microsoft Azure, Amazon Web Services, Rackspace and NTT Communications will have to work harder to alleviate enterprises’ concerns around security, privacy and compliance.
Some of the questions that the cloud players need to ask are: what are the key priorities of the enterprises when it comes to deciding on their partners for various cloud service needs, ranging not just from IaaS, PaaS or SaaS but also for unified communication, big data, analytics and enterprise mobility solutions.
Coming back to MeghRaj
What are some of the key considerations does India need to have when rolling out its cloud programme? While the long-term objectives have been listed out in the direction papers, there may be a need to at least tactically revisit those in the light of fast-paced dynamics being witnessed in the area of cloud. Some of the guiding principles may be:
Stay Light: The idea is not to straight away jump into building a big captive cloud – that could defeat the very core objective of achieving cost-effectiveness. Governments would be better off defining parameters, specifications and certifications that third-party cloud providers should strive to deliver. Captive build-outs must be done only as a last resort.
Cloud First: After the US, the Australian government also announced its ‘cloud first’ policy earlier this year for all ‘low-risk and generic’ ICT services. India could do something similar.
Make a start: That’s the most important first step (goes without saying), maybe with the non-mission-critical workloads into the cloud and identify and address the challenges. Also, while it is a good idea to bring in best practices from the first-mover governments, it is equally important to develop solutions that address our own needs. A government would know what works best for it and its citizens only when it makes a start.
After all, as they say, one size doesn’t fit all. Or shall we say – one cloud doesn’t cover all!