Application delivery in the age of the cloud

With large numbers of enterprises migrating to the cloud to minimise costs and vendor lock-in, it’s safe to say that the age of the cloud has finally arrived. At a recent roundtable in Singapore organised by Jicara Media in partnership with Kemp Technologies and Quantiq International, senior executives from enterprises in Singapore came together to discuss their cloud journey and the challenges they were facing in migrating to the cloud.

The discussion was hosted by Benjamin Hodge, Principal Technical Advisor, Kemp, along with Ethan Ore, Solution Architect, Quantiq International, and moderated by Rahul Joshi, Head of Content, Jicara Media. The topics ranged from operational and planning complexity to data sovereignty and security, with the latter revealed as one of the most critical challenges that enterprises are grappling with.

The group of executives had varying levels of experience with the cloud, and the process of comparing notes made for a spirited debate.

Accelerating the Shift

The participants in the room were in various stages of their cloud adoption. While some had not completed their cloud journey or were in the midst of completing their migration, others were in a very advanced cloud adoption stage, such as Ikuo Hayashi, GM Information Systems Department at Mitsui & Company.

Explained Hayashi, “We began the virtualisation of our IT infrastructure more than 10 years back. We use solutions such as Agile, Concur, Office 365 among others. Some of our systems are virtualised but on-premise, while others are on the cloud. The challenge for us at this point in time is to manage both kinds [of architecture] while accelerating the shift to the cloud.”

According to Bruce Leong, Director, Technology & Strategy, Mount Alvernia Hospital, the past nine months’ healthcare security breaches have put a question mark over the cloud mission. “Every such [security] incident puts a dent on the journey. Going forward, the mission-critical systems are unlikely to be on the cloud, though some SaaS models might be moved to the cloud. Avoiding vendor lock-in and reducing costs are important for us, so we are currently trying to move some systems onto the cloud.”

On top of security concerns, there is a need to weigh the benefits of agility, reliability and productivity against the risks, said the participants. The discussions addressed several challenges that would slow the process of migration, and touched on the issue of avoiding being tied to a single vendor and exploring multi-cloud environments.

Alan Goh, Director, Head of IT Singapore & South East Asia, Jones Lang LaSalle, said that his company moved to Office 365 three years back. “We went through a lot from the digital transformation point of view. We do want changes in terms of more agility and workforce improvement, but we are trying to guard against security intrusions at the same time.”

Chandra Segaran Senkodu, Senior Advisor (IT) & Head (Special Projects), Transit Link, agreed.

“We were early adopters of the cloud, to take care of our critical systems. But the recent security lapses, not just in healthcare but in many other sectors, have made us cautious.

When one is talking about a public transport company like ours that handles a lot of data, one has to be very careful.”

Cheng Hua Yap, Director, Technology, Singnet Solutions, on using the cloud for mission-critical applications, added: “We use cloud to monitor movement of ships. Our tracking needs to be accurate and reliable so that accidents or collisions can be avoided.”

Managing a Multi-Cloud Environment

A number of security threats are associated with cloud data services, which continues to be a challenge for enterprises. Also, managing cloud vendors can often resemble a full-time task in itself, draining resources and managerial overhead best deployed towards more productive tasks. The multi-cloud model is increasingly becoming popular, as it avoids a single point of failure and can lead to better cost optimisation for the business, but brings with it its own set of complexities and challenges.

Krishnadas Warrier, Regional IT Business Partner – Corporate Function, Rentokil, said it is difficult to pinpoint failures in a multi-cloud system. “How does one figure out whether it is a cloud failure or the Kony fabric has failed? One simply doesn’t know. When you have to reach out to someone else, possibly in another time zone, you’ve lost control. That is merely one part of the challenge. The other part is that our core system is on-premise. But in a multi-cloud environment with different data servers, there are different rules for different regions. What does that translate into in terms of hosting — does it mean a multi-host strategy?”

Added Azuhar Mohammed, Head of Global Solution Center – Expertise & Innovation, ITS Global Functions & Business Transformation, Sanofi-Aventis: “Pharmaceutical companies such as ours also face these challenges. The concept of moving applications to the cloud seems simple enough, but when we have new regulations coming in, things become expensive and complicated. Take for instance the General Data Protection Regulation (GDPR). Sometime the business cases [of moving to the cloud] are not justified.”

In Singapore, one is so fearful that cloud and other systems should not mix, pointed out Dr Senkodu. “The biggest challenge is how to bridge this gap with the authorities. So it’s a compliance and regulation issue.”

Added Goh, “We have realised that IT teams sometimes can’t talk the language of business. So we have introduced a business partner who is an IT person, who can relate to the business point of view and speak their language — that’s how we bridge the gap.”

“In our company, the entire budget for IT remains the same but the allocation of the budget is different,” said Hayashi. “Basically, we are decreasing the costs for the traditional IT domain by shifting to the cloud. We allocate more money for cybersecurity, innovation – that works for the moment.” He explained that shifting to the cloud means that enterprises are focusing on services, so IT departments need to be reengineered so that the focus is on services rather than technology.

He added that he is looking at reforming the helpdesk as a centre of excellence so that they can provide active support. He is looking at setting up a small group to provide a face-to-face user interface. Goh explained that at his company, they do several training sessions throughout the year as awareness programs for staff. “We even train them to do a bit of workflow management so that they can do it themselves rather than ask IT to help them with it.”

Cloud Vs On-Premise

The debate of what should be on the cloud continues. Every organisation has specific criteria their business partners need to agree with. The tendency is to adopt a hybrid model where critical applications will stay on premise until there is confidence in being able to mitigate security risks and have better control across multiple environments.

According to Leong, there are a few perceptions when it comes to the cloud. “The common perception is that space is a premium, which is why enterprises move to the cloud. The second perception is that moving to cloud will lighten resources. That may not be justified. At the end of the day, these are just perceptions and we need to rethink our strategy and communicate the same to business.”

Sandesh Dessai, Head of Corporate IT, Singapore Meritus International Hotels, said that in the hospitality arena, no one wants to go on the cloud, but that is eventually the way to go. “Security weighs heavily on management decisions. The management wants to know, can you be 100 per cent secure?”

Dr Senkodu added: “Our in-house software will be on cloud. That is our bread and butter. For public transport, the main system will never be on cloud, but non-critical systems could be, certainly.”

Leong said that they are still debating on moving mission-critical sensitive patient information onto the cloud after the recent nationwide breach. According to Goh, despite the doubts, the cloud journey is essential from a workplace transformation point of view. “We just need to figure out how to get visibility and control.”

Hodge summed up that the way forward is to reduce that friction between IT and the business and keep the security challenge under control. “What we do can be very technology-centric. How does technology look and feel like a business interface, how does technology make it easier to communicate with business? These are questions we should be asking. The answers will help bridge that gap and make the journey a lot smoother.”