Article by Dell Boomi Asia managing director William Fu
In today’s competitive age of digital transformation, organizations have to move and respond rapidly. But companies can’t drive new business initiatives that grow revenues, reduce costs and mitigate risk without the ability to tailor IT infrastructure to match the needs of the business. Cloud makes this possible.
In November 2017, analyst firm Forrester predicted that the global public cloud market would grow from $146 billion in 2017 to $178 billion in 2018, a compounded annual growth rate of 22 per cent. Furthermore, recent research from LogicMonitor suggests that 83 per cent of enterprise workloads will be in the cloud by 2020, largely driven by the desire for digital transformation.
Businesses can leverage all three types of cloud offerings: infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS) to become more nimble, agile and respond faster to customers and market demand.
Yet in Asia, we’re still discussing the same fundamental concerns raised a decade ago by organizations in other geographies worried about using cloud services.
While the lack of regional cloud data centers was once a real concern, both Amazon Web Services and Microsoft have been aggressively expanding and now have multiple availability zones throughout Asia. Meanwhile, Google Cloud Platform recently opened a third zone in Singapore, and Alibaba Cloud has become the second largest public cloud throughout all of Asia.
The belief that on-premise infrastructure is cheaper in the long run has been fairly pervasive in the market. But on-premises software has all kinds of hidden costs and long-term expenses that drain organizations of money and valuable resources. You need to have the right staff in place to manage and maintain these old-school systems, and many legacy on-premise applications might not interoperate with cloud-based apps, resulting in data silos and more administrative work.
But the biggest hit from on-premises systems is speed. With a vendor responsible and fully focused on running the software, companies can turn on new services literally with a couple of clicks of a mouse.
Myth Versus Reality
There are five major themes that I’ve come across when talking with customers in Asia about their hesitation to move to the cloud. All of these have come up time and time again over the past few years. It’s time to shine a light on the truth: cloud is the future, and at this point, it’s not a question of “if” you, as a business, are going to move to the cloud, it’s “when.”
And if you don’t move to the cloud, you won’t be around long enough to learn from your mistake. Certainly, this has become abundantly clear in the United States and Europe, where progressive cloud adopters are all moving ahead of their competitors.
Despite all of the success stories, many people still believe that the use of the cloud carries higher risk than costlier on-premises technology.
Reality: Cloud providers are better equipped to mitigate and manage risk than any individual company. Any company leveraging cloud is set to reap the benefits of scale in more ways than just shared infrastructure costs. Cloud providers also have multiple data centers around the globe with full replication set up. In the event of a failure, your data is much safer than it would likely be in-house. Certainly, maintaining a similar kind of redundancy is costly and complicated for any organization that needs to focus its resources on more pressing business needs.
IT management is reluctant to relinquish control. This ties back to worries about security, related to both malicious attacks and data breaches. This can also be part of broader concerns from employees about job security.
Reality: Most organizations already depend on third parties who might provide anything from infrastructure hosting to server management. SaaS apps like Salesforce, Workday, SAP Concur, Eloqua and more are common, so in reality, cloud technology is already being used. If done right, cloud frees IT staff to concentrate on more important work that strategically benefits the company.
There’s a misperception that storing data in the cloud means that your cloud provider and anyone else out there who tries can easily access it.
Even putting the fear of other types of malicious attacks aside, data breaches are a huge concern for organizations today.
From Apple to Dropbox to LinkedIn, many high-profile organizations around the globe have been breached. And with disparate data privacy laws in place such as the GDPR or Singapore’s Personal Data Protection Act, companies are even more worried about incurring fines, in addition to losing face.
Reality: “In the cloud” does not mean “open to the world in general.” Cloud providers have to meet security and compliance requirements for multiple countries in order to receive certification.
Most cloud vendors provide high levels of encryption, ensuring that they do not have access to your data. This makes cloud usage safer across a far wider range than is possible for any on-premise system. The reality is that the majority of hacks and intrusions are due to security holes in apps and databases deployed from within an organization, not at the infrastructure layer outside the organization.
In addition to data privacy acts, every country has its own regulations. And according to the National Institute of Standards and Technology (NIST) guidelines on security and privacy in public cloud computing, organizations using cloud services are fully responsible for all compliance-related issues.
Figuring out what is required for compliance in multiple regions has been an ongoing challenge, so companies have been using this as an excuse to not use any cloud services that are hosted outside of their own territory.
Reality: Cloud software providers actually have more regulatory certifications than most any business, as they offer hosting services around the globe. This means that customers benefit from more stringent compliance than they would maintain on their own. Most cloud providers have published documentation that claims compliance with major regulations around the globe, including PCI, HIPAA for U.S. healthcare, ISO 9001, and Australia’s IRAP, although they make a point of stating that the customer also needs to be aware of regulatory requirements. To help customers better understand the regulations that apply to the adoption of cloud, country by country, Microsoft recently published a digital guide to cloud regulations in Asia.
A financial services cloud report from Asia Cloud Computing Association (ACCA) released earlier this year shows that while there is still a need for a regulatory framework that can help bridge compliance requirements across Asia, it is no longer slowing down cloud adoption. Cloud usage and innovation in Asia’s healthcare industry is also on the rise, showing that compliance issues are not considered a hindrance.
Companies using legacy infrastructure or legacy apps are often reluctant to make changes or feel that they are locked into using the technology they already have in place due to financial and resource investments. Even when CIOs believe that a move to the cloud would provide greater business agility and lower cost, there may be a gap in skills within the existing IT team.
Reality: Most IT infrastructures today are hybrid. Adopting cloud technology doesn’t mean that you have to move all of your data to a public cloud. It’s ok to start slowly, adding best-of-breed apps and a cloud-native integration platform to make sure that everything you need to connect, whether it’s on-premise or in the cloud, works together. If you don’t have the ability to bring on new staff, start by training your existing team or bringing in one person with new skills and supplementing when the time is right.
The skill gap is a recognized problem but one that many forward-thinking companies in Asia are already working to address. A 2017 IT trends report from vendor SolarWinds shows that more than half (58 per cent) of Singapore-based respondents have either hired/reassigned or plan to hire/reassign in the foreseeable future IT personnel for the specific purpose of managing cloud/cloud-related technologies.