Commentary: Security, commercial and legal angle to cloud, Abhinav Srivastava, Piaggio Group
Abhinav Srivastava, Head - IT, Digital Transformation, Cyber Security & Analytics, Piaggio Group discusses the security, commercial and legal angle associated with cloud computing
The cloud computing technology has brought about a paradigm shift on data center (DC) models. With the ever changing regulatory changes, there are a multitude and cascading effects on various other aspects of the cloud. A few important determinants of cloud adoption are workload type and cloud adoption matching, security, commercials and the legal angle.
Cloud is less secure is a myth. “The cloud security ecosystem is now way more secure than any other security application,” says Abhinav Srivastava, Head – IT, Digital Transformation, Cyber Security & Analytics, Piaggio Group. The critical workloads can also go on cloud. It’s all about being on top of the data and applications, knowing them inside-out and outside-in and having insights. It would be false to think, the critical workloads are more secure in an on premise data center than a cloud computing setup.
The business goals define the workloads, which in turn shapes the data center operating model. Cloud can be a critical part of the data center model but it cannot be the umbrella strategy. There are some workloads that will not work fine on cloud doesn’t mean cloud is ineffective.
For auto companies, they should make sure the dealer management systems, if hosted on cloud, should be physically residing in India. These systems hold personal information of the customers and they should adhere to the law of the land. It’s important to note, India will soon have a personal data protection law.
The commercials of Cloud
Cloud computing, from a financial standpoint, on a five year horizon is slightly on a higher side as compared to an on-premises model. “Cloud is not cheap. On a three year horizon, cloud and on-prem go hand in hand but on a five year timeline, cloud is expensive,” says Srivastava. Cloud is cheap is something often discussed in industry circles but it is not light on the purse strings and is expensive on a longer run.
Although cloud is expensive but the payments can be spread out like an EMI. “What if i want to keep the data with myself on an on-premise private cloud but still want to take advantage of the EMI-kind of an option. This option, which was hitherto unavailable, is available now,” says Srivastava. The cloud provider gives a monthly bill of the usage with a catch of having to pay a minimum commitment.
CIOs should have a dedicated data center budget. The IT budget is broken into various sub budgets and data center should be one of them. The DC budget should be taken care of from all aspects, well pre-validated by the CFO.
The legal aspect to cloud
The cloud partner doesnt have any skin in the game from a legal or compliance perspective. While the enterprise end user like a bank, auto company is bound by regulations to pay his client for systems unavailability, the cloud providers go scot free. For e.g. In a recent case at one of the auto companies, the cloud computing environment suffered downtime at the critical juncture of the last few hours of filing the month end billing to the regulator and it was about the crucial BS IV to BS VI transition. The auto company had to file a substantial penalty to the regulator however when the company approached the cloud provider, they raised their hands saying the cloud systems were up but the internet connectivity was down. There was nothing mentioned in the internet connectivity contract. The legal culpability part wasnt mentioned and It fell off the cracks. The CIO missed the legal angle and the legal head missed the IT angle.
CIOs should make sure the contracts are tightly drafted and such inconsistencies should be avoided. The agreement between the cloud provider should be in line with the agreement with the end customers.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]