Are CIOs confident enough to adopt cloud and how can cloud service providers help?

With issues of data residency and reluctance to move away from legacy resolved, the question now arises if the average Indian CIO has enough faith in cloud service providers to store and manage critical business data seamlessly.

The Indian public cloud services market is predicted to reach USD 4.1 billion in 2018, a 200 percent growth from the mere USD 1.3 billion in 2016, says research firm Gartner. The rapid adoption of cloud computing by Indian enterprises with more applications being moved to the cloud, IT leaders now need to address the concerns that along with it.

With major cloud players like Amazon Web Services, Microsoft Azure, Google Cloud Computing Platform and IBM having set up local cloud datacenters in the country, the age old concern of data residency seems resolved. Even Alibaba is setting up its first cloud datacenter in India in January 2018. But there are still several concerns and issues Indian enterprises have not unsolved. Can cloud service providers provide seamless integration in a multi-cloud environment? How safe is the critical business data? What can be done in the event of an unfortunate outage? Is it really worth it?

Is Cloud Really Secure Enough?

Several organizations actually consider security as a primary benefit to moving to a public cloud, says Gartner. But, security features on cloud may not be as mature as desired, warn experts.

According to Ventakesh Sivasundravel, CIO, Air Works Group, “The reason why many organizations are still hesitant to move to cloud or to transfer their information to the cloud is mainly because of security and geo-political concerns.” Although the common belief is that cloud providers can offer better security than traditional security that an organization implements, cloud providers will have to continue to work on keeping the data security measures a step ahead.

And cloud based cybersecurity attacks seem to have grown exponentially. Microsoft’s 22nd edition of Security Intelligence Report revealed that the company witnessed a 300 percent increase in cloud-based accounts attacked in the last one year. The report also added that cloud services are “perennial targets for attackers seeking to compromise and weaponize virtual machines and other services.” Not exactly reassuring, is it?

Achal Kataria, VP and head - global technology at EXL Services agrees and says that the presence of local cloud datacenters doesn’t necessarily indicate security. “Not unless the cloud partner takes all necessary security measures which instils tconfidence with end customers,” he adds.

Instead, Kataria points to other issues service providers need to look at now. “We need to focus on data privacy to ensure customer data is protected, the need to be compliant with data privacy standards, service assurance and high availability with support, and data backup, archival infrastructure and process that can help pull out even one transaction,” he says.

IT experts believe that moving to the cloud can get you a much robust security in the next couple of years, given the rise of IoT that will lead to an inevitable security requirement for the data surge. Sivasundravel stresses upon how service providers need to do a better job of explaining security aspects and how they manage security viz-a-viz a typical data center to help IT leaders put more faith in them.

According to Peter Gartenberg, general manager – enterprise commercial, Microsoft India, the company has not only been protecting its customers but also helping them to move to more secure forms of multi-factor authentication such as PINs and biometric security protocols. “The organizations of today can easily detect suspicious behaviour, respond to advanced threats quickly and integrate built-in cybersecurity tools,” he adds.

Since setting up its own cloud datacenter in the country, Microsoft has been able to reassure quite a few companies that were reluctant or unable to move to the cloud due to regulatory and governance issues with regards to data residency. “With our local offerings, Microsoft is able to offer a locally hosted model where the data would reside within the country, which addresses the data privacy for compliant and regulated industries such as banking and the government sectors,” adds Peter.

Multi-Cloud Conundrum

The multi-cloud infrastructure is fast becoming a trend in the market as it not only allows organizations to maintain a hybrid cloud environment, but also helps them reduce costs and increase data security. However, the key to a seamless navigation through a multi-cloud environment is with the cloud service providers.

Kataria says, “Cloud service providers need to identify opportunities, develop business cases, and also help with legal issues. They need to work with our information security teams as well.”

A multi-cloud environment can prove to be quite a challenge without a proper plan in place before the transition. Gartenberg doesn’t believe that companies are investing heavily in multi-clouds, something that can greatly benefit them.

According to Sivasundravel, multi-cloud environments can prove to be complex with cloud interoperability. “Hiring, training and retaining a team with all the skills required to manage them will become expensive and time consuming. With cloud environments continuously evolving, vendors with their pool of certified professionals and experts can help by minimizing complexity and costs,” he says.

Pricing Remains Foggy

While the traditionally IT infrastructure had been a capital expenditure, the “pay-as-you-go” model of the cloud has transformed the way organizations run IT. One of the biggest advantages of moving to the cloud, as compared to maintaining a legacy infrastructure is the cost difference.

With cloud adoption, companies can eliminate several expenditures, allowing them to be invested elsewhere. But, Indian IT leaders have been consistently unhappy with the hidden costs and cost surprises that cloud service providers seem to spring up on them. Is the picture really that bleak?

Sivasundravel says it’s a two-way street. “We don’t see hidden cost unless your requirements are met with the cloud offerings and the charges documented clearly. But, one needs to be more aware of the organizations’ changing needs and take a different approach to running IT to avoid cost surprises.”

He adds, “There are costs that are not generally looked at while moving to cloud like data transfer charges, VPN charges, snapshot volume cost, loss of under-utilization, data backup and business continuity.”

While cloud adoption is an inevitable course in the digital journey of any organization looking to survive and thrive, maybe cloud service providers can make the road a bit less bumpy.