Per Dahlberg and Mark Ross are the founders of the Asia Cloud Computing Association.
Per Dahlberg co-founded the Asia Cloud Computing Association in 2010 and currently serves as Executive Director and CEO. He is also the founder and CEO of Springpoint. His most recent positions include Director, Asia at the GSM Association, and General Manager, Asia at Actix Ltd. Per Dahlberg holds a dual degree in History of Ideas and Chinese language.
Mark Ross is the founder and CEO of CloudGarage and co-founder of the Asia Cloud Computing Association. Mark Ross hasan engineering and economics degree from Carnegie-Mellon University and a Masters degree in Finance and International Business from New York University's Stern School of Management and from Hautes Etudes Commerciales in Paris.
The geographic diversity of Asia makes it ripe for cloud computing. But Asia also poses possibly the greatest challenges as the network capabilities, cost of bandwidth and maturity of legal frameworks vary wildlyacross the region. This fragmentation creates an even greater need for standards as businesses increasingly look to leverage cloud computing. Identifying common practices that can be applied to Asia will help address some of the unique challenges in this region.
A defining moment has arrived in the IT industry today. The nirvana of having technology on-tap is almost within reach. But caution lingers in the air as recent service outages and hacker attacks have added to existing uncertainties.
Cloud computing has clearly sparked much debate. How do you deal with issues such as reliability of access, security and the threat of cybercrime, government access, plus data privacy and data governance? At the commercial layer, we also see concerns about data portability, vendor lock-in and interoperability. In many ways, none of these issues are particularly novel as they have been a feature of the technology dialogue for decades. What’s new is that the cloud is fostering a new conversation around ‘trust’ – trust in my service provider, trust in government, trust in the network, trust in the security of my data, trust in my service level agreement. We are at a pivotal stage of building that ‘trust’ and the Asia Cloud Computing Association has been formed to provide a platform for Asia and it’s key players to work towards resolving these issues.
Asia’s cloud eco-system
In Asia, the opportunity for cloud computing is quite possibly the greatest given the pace of economic growth and the speed of infrastructure development. The geographic diversity of Asia makes it ripe for cloud computing, with businesses compelled to expand quickly across multiple markets. Add to this, the forward-thinking countries will identify the promise of technology leapfrogging as an obvious goal to spur the economic growth that often follows.
With the growth of China and India, businesses globally are pouring into Asia and this will only accelerate the need for viable cloud computing frameworks as these firms seek to leverage flexible and easily sourced IT resources.
But Asia also poses possibly the greatest challenges as the network capabilities, cost of bandwidth and maturity of legal frameworks vary wildly across the region.
Asia’s diversity is a both a challenge and an opportunity. But this fragmentation creates an even greater need for standards as businesses increasingly look to leverage cloud computing across the region. And until now there has been no single organization focused on the cloud opportunities and issues for the Asia Pacific region.
What is clear today is that cloud computing is much bigger than just a trend within the IT industry. It is a social and economic trend that will have far-reaching impact on economies and businesses.
The Centre for Economics and Business Research (CEBR) states in their recent “Cloud Dividend Report” that cloud computing could provide €736 billion of cumulative benefits to Europe’s five largest economies between 2010-2015, and create 2.3 million new jobs. We believe that for Asian economies this number will in time be even higher.
While regulatory issues loom large, another missing piece is the realization that the use of cloud-based services like Google and Amazon by individuals is a very different scenario to businesses using such services.
Most cloud providers have not had to deal with the complex set of expectations and requirements that businesses demand. Clearly some businesses have found a use for cloud services but applied them only where the risks can be minimized. But the problem facing many other businesses here is that of trying to evaluate the risks without clear standard metrics and established forms of governance.
Businesses will demand that these issues be resolved and if the industry fails to address them, significant opportunities will be lost.
At the national level there are very clear issues that currently stall the development of cloud services across the region. Easy transfer of data across markets is a critical pillar of the cloud computing model where shared multi-tenancy infrastructure is the foundation of these services.
The current regulatory environment is such that in most countries the movement of data outside of those countries is restricted.
Without the flexibility that comes from free movement of data, companies will struggle to reap the full potential of cloud computing
Currently the situation is highly fragmented, with agencies and governments all at differing levels of awareness and eagerness to resolve issues around cloud computing.
Even within a country the governance and regulations can vary wildly in each vertical sector. Trying to adopt a consistent cloud model in the current regulatory minefield is a huge challenge for any regional business today.
Transparency is key to ensuring the risks and consequences are visible to business leaders.
Cloud Readiness Index
As a first step to achieve this objective the Association has created an index of key metrics that can be used as a guide for the readiness and capabilities of each market in terms of cloud computing readiness. The index helps highlight fundamental capabilities across network infrastructure, regulatory environment, general availability and adoption of cloud services, plus how each market is progressing in meeting these requirements. This will provide guidance and direction to users, service providers and governments.
The “Cloud Readiness Index”, which was launched on September 7th 2011, analyzes ten key attributes critical to the deployment and use of cloud computing technology across 14 different countries. That includes the region’s acknowledged economic engines, China and India, as well as Australia, Hong Kong, Indonesia, Japan, Korea, Malaysia, New Zealand, the Philippines, Singapore, Taiwan, Thailand and Vietnam. The index will be updated half-yearly.
Carrier-grade cloud services
For wider adoption of cloud computing there must also be agreement on expected levels of performance, reliability and security.
Only through such agreement can providers give customers the confidence to adopt services across a spectrum of needs. At each class of service there must be transparency into what a customer can expect to be delivered with clear service levels and associated service level agreements.
Establishing some agreed standards will give rise to tiers of service as is rightly expected with any service-based offering.
The Association believes that traditional service providers are well positioned to use their experience in driving this given their unique experience in delivering a range of service levels with differing tiers of quality of service.
One key area where this will create more clarity is the expectations around service level agreements and incident management. The lack of clear visibility in how cloud computing service levels will be met and handled in event of outages is hampering customer confidence when it comes to enterprise cloud services.
So when can businesses expect these risks to give way to reliable enterprise-class cloud services where more critical parts of IT can be deployed in the cloud?
Today companies can acquire network services with different classes of service, performance and reliability all of which are understood across the industry. Until the same can be applied to many cloud services, the risks have to assessed and borne by the customer.
With different service levels clearly defined, priced and offered by network service providers, it is clear that cloud services must aim for the same levels of assurance and understanding.
A framework of consistent principles is needed for cloud services to be classified in such a similar manner. The Association is currently working with its members on drafting an agreed range of tiered services with clearly defined levels of performance and service assurance that could be applied across the industry. The framework and the underlying metrics will be published before the end of the year, followed by an index for vendor and services classification early next year.
Security always on top
Topping the majority of polls on why companies have yet to adopt cloud computing is security. Right now this is the industry’s hot topic with a spate of recent high profile attacks and security breaches. And understandably, businesses are fearful of having data reside outside their own firewalls with third parties today.
There is clearly much fear today but in reality the security risks regarding cloud computing have yet to be properly articulated. Customers need to be aware of the real issues to be addressed before decisions on adoption can be made.
The Association seeks to form a list of critical recommendations that the industry can agree on for customers to use as a series of security principles that they can expect providers to work towards.
The objective is not necessarily to seek a universal security recommendation to apply to all countries, but find some common practices that can be applied to Asia specifically in order to address some of the unique challenges in this region. The Association can act as a catalyst to push for greater harmonization and convergence on the key security issues.