Of course the cloud is a global model. Just as with free trade and the removal of trade barriers, we will also need to address the challenges of the global cloud.
Managing cloud risks
It is generally recognised that technology tools and processes already exist to protect sensitive data in the cloud (including via the obfuscation of data). However, there are still legal and regulatory hurdles in moving to a global cloud.
We are currently seeing the use of workarounds through a mix of local and global clouds; and hybrid clouds, a mix of public and private clouds.
This enables sensitive data to be restricted to local and/or private clouds. The biggest challenge lies in ensuring the seamless integration of those multiple cloud solutions, across multiple jurisdictions and different (often conflicting) regulatory requirements.
Ultimately, legal and regulatory solutions will emerge to support the migration to global clouds, and enable large enterprises to realise the efficiencies of the global cloud.
For example, contract obligations can be imposed on global cloud operators to handle information in accordance with the standards and policies required under Australian law. Consequently, cloud operators will have little option but to accept these obligations if they are to facilitate cloud take-up across large enterprises.
Contracts can also be combined with mutual recognition regimes across nations. The twenty-one APEC economies have initiated steps for a model for global interoperability among privacy regimes.
If successfully implemented, this will provide mechanisms for organisations to have their privacy policies and practices certified as being consistent with data privacy standards that are recognised throughout the Asia-Pacific region.
From a commercial perspective, there are opportunities for cloud providers to differentiate themselves by offering commercial terms for cloud solutions that align with the business needs of large enterprise customers. The commodity "one-size-fits-all" approach to cloud is a myth, and will simply not work in the large enterprise environment.
Enterprise customers will need to be discerning about ensuring that the cloud offerings meet their commercial requirements.
For example, while cloud solutions can offer greater flexibility and portability under "rental models" (without up-front investment), these benefits will not be realised if the commercial terms require a long-term "lock-in".
It is important to ensure that the commercial terms don't create limitations around the potential opportunities of cloud solutions.
Enterprise customers will also need to manage the risks around business processes "falling between the clouds", due to the challenges of integrating multiple cloud products. The end goal is seamless, end-to-end service delivery (with performance commitments) across multiple clouds.
The adoption of cloud will require significant development of new in-house skills —less focused on the provision of IT services, and more on a business or "broker" role.
Sign up for CIO Asia eNewsletters.