With data sovereignty, location isn’t everything

Wednesday, 22 June 2016 00:30 -     - {{hitsCtrl.values.hits}}

By Chris Chelliah6

Businesses looking at cloud computing in Asia Pacific are concerned about where their data is stored, but do they need to be?

In my conversations with customers across Asia Pacific one thing is clear: they all want (and usually need) to adopt the flexibility and benefits of the cloud. Industry statistics agree: a recent Frost & Sullivan report found that 59% of decision-makers in the region cite cloud computing as their main short-term priority. 

CIOs in APAC are being pressured by their business to move as quickly as possible to these flexible, cost-effective infrastructures. However, as with any new journey, there are obstacles — perceived or real — that arise, that can be circumnavigated by a mixture of making the right choices and dispelling some common myths.  

Often when talking cloud, one of the first questions on the table is around the physical location of data centres. This isn’t surprising because data sovereignty can be a crucial factor in many countries, both in Asia Pacific and elsewhere (call out). In Indonesia, for example, regulations stipulate that financial data cannot be stored outside the country without prior approval. ffb

In Singapore, meanwhile, any company sending data outside the country must take measures to ensure the owner of the overseas data centre is compliant with Singaporean data protection laws. It’s worth noting that even there, things are changing around data sovereignty. The new Trans Pacific Partnership, for example, negates countries from mandating data sovereignty provisions. 

There are clearly regulations; and they must be adhered to, but often these issues are a smokescreen for the organisation. This is emphasised by the fact that even in those industries that tend to be most impacted by regulation – the public sector, telco and financial services – many organisations are already benefiting from the cloud in some way; for non-critical application or around test and development.

In fact, for the most progressive organisations I talk to, other than for data that by law has to reside in a particular location, those CIOs who are actively embracing cloud don’t actually care where it is housed. That’s the beauty of cloud for these businesses: where it’s run or what underpins it is far less important than the fact that it supports their processes and enables them to be more responsive or operate cost effectively.  

That said, for those that are at the start of embarking on their journey, there are various options to consider.

There are sets of workloads or applications that make sense to run on-prem and on-prem only — whether that’s governed by regulatory or data sovereignty or your own policies. So businesses should work out what they are – but be prepared to review that on a regular basis.  Not long ago, ERP was one of those mission critical apps that no one could envisage in the cloud. Now it is one of Oracle’s fastest growing product areas. 

There are also workloads that make sense to potentially run in a managed service, where businesses still get the benefits of cloud, but are still using an environment that gives them more control. There are adjacent workloads that run in the public cloud.  In addition, we believe that for the next 10 years or so, many of these workloads may move back and forth, depending on whether they are in test and dev or production. 

Businesses therefore should look for a platform that enables seamless portability to the environment that makes best sense: private cloud, public cloud or on enterprise-owned systems. A powerful way of enabling this is to physically bring the public cloud back to the customer premise – meaning data, workloads and applications can be easily moved between on-premise and on-cloud. Oracle’s Public Cloud Machine is a good example of this approach.

The location issue is important, but not all encompassing.  Delaying or dismissing cloud adoption just because of this would leave an organisation behind its competitors.  It is more mindset than regulation.   This new freedom brings exciting times.  

So what else could be holding companies back? In my next blog I look at the myth and reality surrounding cyber security, and show that in our opinion, the safest place to have your data is the cloud!  

(The writer is the Group Vice President and Chief Architect, Core Technology and Cloud, Oracle Asia Pacific @chrischelliah)

COMMENTS